1 /******************************************************************************
3 * Copyright (C) 2003-2012 Broadcom Corporation
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
17 ******************************************************************************/
19 /******************************************************************************
21 * This file contains the action functions for device manager state
24 ******************************************************************************/
31 #include "bta_dm_int.h"
32 #include "bta_dm_co.h"
42 static void bta_dm_inq_results_cb (tBTM_INQ_RESULTS *p_inq, UINT8 *p_eir);
43 static void bta_dm_inq_cmpl_cb (void * p_result);
44 static void bta_dm_service_search_remname_cback (BD_ADDR bd_addr, DEV_CLASS dc, BD_NAME bd_name);
45 static void bta_dm_remname_cback (tBTM_REMOTE_DEV_NAME *p_remote_name);
46 static void bta_dm_find_services ( BD_ADDR bd_addr);
47 static void bta_dm_discover_next_device(void);
48 static void bta_dm_sdp_callback (UINT16 sdp_status);
49 static UINT8 bta_dm_authorize_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name, UINT8 *service_name, UINT8 service_id, BOOLEAN is_originator);
50 static UINT8 bta_dm_pin_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name);
51 static UINT8 bta_dm_link_key_request_cback (BD_ADDR bd_addr, LINK_KEY key);
52 static UINT8 bta_dm_new_link_key_cback(BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name, LINK_KEY key, UINT8 key_type);
53 static UINT8 bta_dm_authentication_complete_cback(BD_ADDR bd_addr, DEV_CLASS dev_class,BD_NAME bd_name, int result);
54 static void bta_dm_local_name_cback(BD_ADDR bd_addr);
55 static BOOLEAN bta_dm_check_av(UINT16 event);
56 #if (BTM_BUSY_LEVEL_CHANGE_INCLUDED == TRUE)
57 static void bta_dm_bl_change_cback (tBTM_BL_EVENT_DATA *p_data);
59 static void bta_dm_acl_change_cback (BD_ADDR p_bda, DEV_CLASS p_dc, BD_NAME p_bdn, UINT8 *features, BOOLEAN is_new);
61 static void bta_dm_policy_cback(tBTA_SYS_CONN_STATUS status, UINT8 id, UINT8 app_id, BD_ADDR peer_addr);
63 /* Extended Inquiry Response */
64 static UINT8 bta_dm_sp_cback (tBTM_SP_EVT event, tBTM_SP_EVT_DATA *p_data);
66 #if (BTM_EIR_SERVER_INCLUDED == TRUE)
67 static void bta_dm_set_eir (char *local_name);
68 #endif /* BTM_EIR_SERVER_INCLUDED */
70 #if (BTM_EIR_CLIENT_INCLUDED == TRUE)
71 static void bta_dm_eir_search_services( tBTM_INQ_RESULTS *p_result,
72 tBTA_SERVICE_MASK *p_services_to_search,
73 tBTA_SERVICE_MASK *p_services_found);
74 #endif /* BTM_EIR_CLIENT_INCLUDED */
76 static void bta_dm_rssi_cback (tBTM_RSSI_RESULTS *p_result);
77 static void bta_dm_signal_strength_timer_cback (TIMER_LIST_ENT *p_tle);
78 static void bta_dm_link_quality_cback (tBTM_LINK_QUALITY_RESULTS *p_result);
79 static void bta_dm_search_timer_cback (TIMER_LIST_ENT *p_tle);
80 static void bta_dm_disable_timer_cback (TIMER_LIST_ENT *p_tle);
81 static void bta_dm_disable_conn_down_timer_cback (TIMER_LIST_ENT *p_tle);
82 static void bta_dm_rm_cback(tBTA_SYS_CONN_STATUS status, UINT8 id, UINT8 app_id, BD_ADDR peer_addr);
83 static void bta_dm_adjust_roles(BOOLEAN delay_role_switch);
84 static char *bta_dm_get_remname(void);
85 static void bta_dm_bond_cancel_complete_cback(tBTM_STATUS result);
87 static BOOLEAN bta_dm_read_remote_device_name (BD_ADDR bd_addr);
88 static void bta_dm_discover_device(BD_ADDR remote_bd_addr);
90 static void bta_dm_sys_hw_cback( tBTA_SYS_HW_EVT status );
92 static BOOLEAN bta_dm_dev_blacklisted_for_switch (BD_ADDR remote_bd_addr);
93 static void bta_dm_delay_role_switch_cback (TIMER_LIST_ENT *p_tle);
95 static void bta_dm_disable_search_and_disc(void);
96 #if ((defined BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
97 #if ((defined SMP_INCLUDED) && (SMP_INCLUDED == TRUE))
98 static UINT8 bta_dm_ble_smp_cback (tBTM_LE_EVT event, BD_ADDR bda, tBTM_LE_EVT_DATA *p_data);
100 static void bta_dm_ble_id_key_cback (UINT8 key_type, tBTM_BLE_LOCAL_KEYS *p_key);
101 #if ((defined BTA_GATT_INCLUDED) && (BTA_GATT_INCLUDED == TRUE))
102 static void bta_dm_gattc_register(void);
103 static void btm_dm_start_gatt_discovery ( BD_ADDR bd_addr);
104 static void bta_dm_cancel_gatt_discovery(BD_ADDR bd_addr);
105 static void bta_dm_gattc_callback(tBTA_GATTC_EVT event, tBTA_GATTC *p_data);
107 static void bta_dm_observe_results_cb (tBTM_INQ_RESULTS *p_inq, UINT8 *p_eir);
108 static void bta_dm_observe_cmpl_cb (void * p_result);
110 #ifndef BTA_DM_BLE_ADV_CHNL_MAP
111 #define BTA_DM_BLE_ADV_CHNL_MAP (BTM_BLE_ADV_CHNL_37|BTM_BLE_ADV_CHNL_38|BTM_BLE_ADV_CHNL_39)
114 static void bta_dm_remove_sec_dev_entry(BD_ADDR remote_bd_addr);
116 extern void sdpu_uuid16_to_uuid128(UINT16 uuid16, UINT8* p_uuid128);
118 const UINT16 bta_service_id_to_uuid_lkup_tbl [BTA_MAX_SERVICE_ID] =
120 UUID_SERVCLASS_PNP_INFORMATION, /* Reserved */
121 UUID_SERVCLASS_SERIAL_PORT, /* BTA_SPP_SERVICE_ID */
122 UUID_SERVCLASS_DIALUP_NETWORKING, /* BTA_DUN_SERVICE_ID */
123 UUID_SERVCLASS_AUDIO_SOURCE, /* BTA_A2DP_SOURCE_SERVICE_ID */
124 UUID_SERVCLASS_LAN_ACCESS_USING_PPP, /* BTA_LAP_SERVICE_ID */
125 UUID_SERVCLASS_HEADSET, /* BTA_HSP_HS_SERVICE_ID */
126 UUID_SERVCLASS_HF_HANDSFREE, /* BTA_HFP_HS_SERVICE_ID */
127 UUID_SERVCLASS_OBEX_OBJECT_PUSH, /* BTA_OPP_SERVICE_ID */
128 UUID_SERVCLASS_OBEX_FILE_TRANSFER, /* BTA_FTP_SERVICE_ID */
129 UUID_SERVCLASS_CORDLESS_TELEPHONY, /* BTA_CTP_SERVICE_ID */
130 UUID_SERVCLASS_INTERCOM, /* BTA_ICP_SERVICE_ID */
131 UUID_SERVCLASS_IRMC_SYNC, /* BTA_SYNC_SERVICE_ID */
132 UUID_SERVCLASS_DIRECT_PRINTING, /* BTA_BPP_SERVICE_ID */
133 UUID_SERVCLASS_IMAGING_RESPONDER, /* BTA_BIP_SERVICE_ID */
134 UUID_SERVCLASS_PANU, /* BTA_PANU_SERVICE_ID */
135 UUID_SERVCLASS_NAP, /* BTA_NAP_SERVICE_ID */
136 UUID_SERVCLASS_GN, /* BTA_GN_SERVICE_ID */
137 UUID_SERVCLASS_SAP, /* BTA_SAP_SERVICE_ID */
138 UUID_SERVCLASS_AUDIO_SINK, /* BTA_A2DP_SERVICE_ID */
139 UUID_SERVCLASS_AV_REMOTE_CONTROL, /* BTA_AVRCP_SERVICE_ID */
140 UUID_SERVCLASS_HUMAN_INTERFACE, /* BTA_HID_SERVICE_ID */
141 UUID_SERVCLASS_VIDEO_SINK, /* BTA_VDP_SERVICE_ID */
142 UUID_SERVCLASS_PBAP_PSE, /* BTA_PBAP_SERVICE_ID */
143 UUID_SERVCLASS_HEADSET_AUDIO_GATEWAY, /* BTA_HSP_SERVICE_ID */
144 UUID_SERVCLASS_AG_HANDSFREE, /* BTA_HFP_SERVICE_ID */
145 UUID_SERVCLASS_MESSAGE_ACCESS, /* BTA_MAP_SERVICE_ID */
146 UUID_SERVCLASS_MESSAGE_NOTIFICATION, /* BTA_MN_SERVICE_ID */
147 UUID_SERVCLASS_HDP_PROFILE, /* BTA_HDP_SERVICE_ID */
148 UUID_SERVCLASS_PBAP_PCE /* BTA_PCE_SERVICE_ID */
149 #if BLE_INCLUDED && BTA_GATT_INCLUDED
150 ,UUID_PROTOCOL_ATT /* BTA_GATT_SERVICE_ID */
155 * NOTE : The number of element in bta_service_id_to_btm_srv_id_lkup_tbl should be matching with
156 * the value BTA_MAX_SERVICE_ID in bta_api.h
158 * i.e., If you add new Service ID for BTA, the correct security ID of the new service
159 * from Security service definitions (btm_api.h) should be added to this lookup table.
161 const UINT32 bta_service_id_to_btm_srv_id_lkup_tbl [BTA_MAX_SERVICE_ID] =
164 BTM_SEC_SERVICE_SERIAL_PORT, /* BTA_SPP_SERVICE_ID */
165 BTM_SEC_SERVICE_DUN, /* BTA_DUN_SERVICE_ID */
166 BTM_SEC_SERVICE_AVDTP, /* BTA_AUDIO_SOURCE_SERVICE_ID */
167 BTM_SEC_SERVICE_LAN_ACCESS, /* BTA_LAP_SERVICE_ID */
168 BTM_SEC_SERVICE_HEADSET_AG, /* BTA_HSP_SERVICE_ID */
169 BTM_SEC_SERVICE_AG_HANDSFREE, /* BTA_HFP_SERVICE_ID */
170 BTM_SEC_SERVICE_OBEX, /* BTA_OPP_SERVICE_ID */
171 BTM_SEC_SERVICE_OBEX_FTP, /* BTA_FTP_SERVICE_ID */
172 BTM_SEC_SERVICE_CORDLESS, /* BTA_CTP_SERVICE_ID */
173 BTM_SEC_SERVICE_INTERCOM, /* BTA_ICP_SERVICE_ID */
174 BTM_SEC_SERVICE_IRMC_SYNC, /* BTA_SYNC_SERVICE_ID */
175 BTM_SEC_SERVICE_BPP_JOB, /* BTA_BPP_SERVICE_ID */
176 BTM_SEC_SERVICE_BIP, /* BTA_BIP_SERVICE_ID */
177 BTM_SEC_SERVICE_BNEP_PANU, /* BTA_PANU_SERVICE_ID */
178 BTM_SEC_SERVICE_BNEP_NAP, /* BTA_NAP_SERVICE_ID */
179 BTM_SEC_SERVICE_BNEP_GN, /* BTA_GN_SERVICE_ID */
180 BTM_SEC_SERVICE_SAP, /* BTA_SAP_SERVICE_ID */
181 BTM_SEC_SERVICE_AVDTP, /* BTA_A2DP_SERVICE_ID */
182 BTM_SEC_SERVICE_AVCTP, /* BTA_AVRCP_SERVICE_ID */
183 BTM_SEC_SERVICE_HIDH_SEC_CTRL, /* BTA_HID_SERVICE_ID */
184 BTM_SEC_SERVICE_AVDTP, /* BTA_VDP_SERVICE_ID */
185 BTM_SEC_SERVICE_PBAP, /* BTA_PBAP_SERVICE_ID */
186 BTM_SEC_SERVICE_HEADSET, /* BTA_HSP_HS_SERVICE_ID */
187 BTM_SEC_SERVICE_HF_HANDSFREE, /* BTA_HFP_HS_SERVICE_ID */
188 BTM_SEC_SERVICE_MAP, /* BTA_MAP_SERVICE_ID */
189 BTM_SEC_SERVICE_MAP, /* BTA_MN_SERVICE_ID */
190 BTM_SEC_SERVICE_HDP_SNK, /* BTA_HDP_SERVICE_ID */
191 BTM_SEC_SERVICE_PBAP /* BTA_PCE_SERVICE_ID */
192 #if BLE_INCLUDED && BTA_GATT_INCLUDED
193 ,BTM_SEC_SERVICE_ATT /* BTA_GATT_SERVICE_ID */
198 /* bta security callback */
199 const tBTM_APPL_INFO bta_security =
201 &bta_dm_authorize_cback,
203 &bta_dm_new_link_key_cback,
204 &bta_dm_link_key_request_cback,
205 &bta_dm_authentication_complete_cback,
207 &bta_dm_bond_cancel_complete_cback,
208 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE)
213 #if BLE_INCLUDED == TRUE
214 #if SMP_INCLUDED == TRUE
215 ,&bta_dm_ble_smp_cback
217 ,&bta_dm_ble_id_key_cback
222 /* TBD... To be moved to some conf file..? */
223 #define BTA_DM_MAX_ROLE_SWITCH_BLACKLIST_COUNT 5
224 const tBTA_DM_LMP_VER_INFO bta_role_switch_blacklist[BTA_DM_MAX_ROLE_SWITCH_BLACKLIST_COUNT] =
226 {0x000F,0x2000,0x04},
233 #define MAX_DISC_RAW_DATA_BUF (4096)
234 UINT8 g_disc_raw_data_buf[MAX_DISC_RAW_DATA_BUF];
236 /*******************************************************************************
238 ** Function bta_dm_app_ready_timer_cback
240 ** Description allow sending EIR to controller
245 *******************************************************************************/
246 #if ( BTM_EIR_SERVER_INCLUDED == TRUE )&&(BTA_EIR_CANNED_UUID_LIST != TRUE)
247 static void bta_dm_app_ready_timer_cback (TIMER_LIST_ENT *p_tle)
249 bta_dm_set_eir (NULL);
252 #define bta_dm_app_ready_timer_cback (x)
255 /*******************************************************************************
257 ** Function bta_dm_enable
259 ** Description Initialises the BT device manager
264 *******************************************************************************/
265 void bta_dm_enable(tBTA_DM_MSG *p_data)
267 tBTA_SYS_HW_MSG *sys_enable_event;
268 tBTA_DM_SEC sec_event;
270 /* if already in use, return an error */
271 if( bta_dm_cb.is_bta_dm_active == TRUE )
273 APPL_TRACE_WARNING0("bta_dm_enable - device already started by another application");
274 memset(&sec_event.enable, 0, sizeof ( tBTA_DM_ENABLE ));
275 sec_event.enable.status = BTA_FAILURE;
276 if( p_data->enable.p_sec_cback != NULL )
277 p_data->enable.p_sec_cback (BTA_DM_ENABLE_EVT, &sec_event);
281 /* first, register our callback to SYS HW manager */
282 bta_sys_hw_register( BTA_SYS_HW_BLUETOOTH, bta_dm_sys_hw_cback );
284 /* make sure security callback is saved - if no callback, do not erase the previous one,
285 it could be an error recovery mechanism */
286 if( p_data->enable.p_sec_cback != NULL )
287 bta_dm_cb.p_sec_cback = p_data->enable.p_sec_cback;
288 /* notify BTA DM is now active */
289 bta_dm_cb.is_bta_dm_active = TRUE;
291 /* send a message to BTA SYS */
292 if ((sys_enable_event = (tBTA_SYS_HW_MSG *) GKI_getbuf(sizeof(tBTA_SYS_HW_MSG))) != NULL)
294 sys_enable_event->hdr.event = BTA_SYS_API_ENABLE_EVT;
295 sys_enable_event->hw_module = BTA_SYS_HW_BLUETOOTH;
297 bta_sys_sendmsg(sys_enable_event);
307 /*******************************************************************************
309 ** Function bta_dm_sys_hw_cback
311 ** Description callback register to SYS to get HW status updates
316 *******************************************************************************/
317 static void bta_dm_sys_hw_cback( tBTA_SYS_HW_EVT status )
320 tBTA_DM_SEC_CBACK *temp_cback;
321 #if BLE_INCLUDED == TRUE
324 tBTA_BLE_LOCAL_ID_KEYS id_key;
325 tBT_UUID app_uuid = {LEN_UUID_128,{0}};
327 APPL_TRACE_DEBUG1(" bta_dm_sys_hw_cback with event: %i" , status );
329 /* On H/W error evt, report to the registered DM application callback */
330 if (status == BTA_SYS_HW_ERROR_EVT) {
331 if( bta_dm_cb.p_sec_cback != NULL )
332 bta_dm_cb.p_sec_cback(BTA_DM_HW_ERROR_EVT, NULL);
335 if( status == BTA_SYS_HW_OFF_EVT )
337 if( bta_dm_cb.p_sec_cback != NULL )
338 bta_dm_cb.p_sec_cback(BTA_DM_DISABLE_EVT, NULL);
340 /* reinitialize the control block */
341 memset(&bta_dm_cb, 0, sizeof(bta_dm_cb));
343 /* unregister from SYS */
344 bta_sys_hw_unregister( BTA_SYS_HW_BLUETOOTH );
345 /* notify BTA DM is now unactive */
346 bta_dm_cb.is_bta_dm_active = FALSE;
349 if( status == BTA_SYS_HW_ON_EVT )
351 /* FIXME: We should not unregister as the SYS shall invoke this callback on a H/W error.
352 * We need to revisit when this platform has more than one BLuetooth H/W chip */
353 //bta_sys_hw_unregister( BTA_SYS_HW_BLUETOOTH);
355 /* save security callback */
356 temp_cback = bta_dm_cb.p_sec_cback;
357 /* make sure the control block is properly initialized */
358 memset(&bta_dm_cb, 0, sizeof(bta_dm_cb));
359 /* and retrieve the callback */
360 bta_dm_cb.p_sec_cback=temp_cback;
361 bta_dm_cb.is_bta_dm_active = TRUE;
363 /* hw is ready, go on with BTA DM initialization */
364 memset(&bta_dm_search_cb, 0x00, sizeof(bta_dm_search_cb));
365 memset(&bta_dm_conn_srvcs, 0x00, sizeof(bta_dm_conn_srvcs));
366 memset(&bta_dm_di_cb, 0, sizeof(tBTA_DM_DI_CB));
368 memcpy(dev_class, bta_dm_cfg.dev_class, sizeof(dev_class));
369 BTM_SetDeviceClass (dev_class);
371 #if (defined BLE_INCLUDED && BLE_INCLUDED == TRUE)
372 /* load BLE local information: ID keys, ER if available */
373 bta_dm_co_ble_load_local_keys(&key_mask, er, &id_key);
375 if (key_mask & BTA_BLE_LOCAL_KEY_TYPE_ER)
377 BTM_BleLoadLocalKeys(BTA_BLE_LOCAL_KEY_TYPE_ER, (tBTM_BLE_LOCAL_KEYS *)&er);
379 if (key_mask & BTA_BLE_LOCAL_KEY_TYPE_ID)
381 BTM_BleLoadLocalKeys(BTA_BLE_LOCAL_KEY_TYPE_ID, (tBTM_BLE_LOCAL_KEYS *)&id_key);
383 bta_dm_search_cb.conn_id = BTA_GATT_INVALID_CONN_ID;
386 BTM_SecRegister((tBTM_APPL_INFO*)&bta_security);
387 BTM_SetDefaultLinkSuperTout(bta_dm_cfg.link_timeout);
388 BTM_WritePageTimeout(bta_dm_cfg.page_timeout);
389 bta_dm_cb.cur_policy = bta_dm_cfg.policy_settings;
390 BTM_SetDefaultLinkPolicy(bta_dm_cb.cur_policy);
391 #if (defined(BTM_BUSY_LEVEL_CHANGE_INCLUDED) && BTM_BUSY_LEVEL_CHANGE_INCLUDED == TRUE)
392 BTM_RegBusyLevelNotif (bta_dm_bl_change_cback, NULL, BTM_BL_UPDATE_MASK|BTM_BL_ROLE_CHG_MASK);
394 BTM_AclRegisterForChanges(bta_dm_acl_change_cback);
396 /* Earlier, we used to invoke BTM_ReadLocalAddr which was just copying the bd_addr
397 from the control block and invoking the callback which was sending the DM_ENABLE_EVT.
398 But then we have a few HCI commands being invoked above which were still in progress
399 when the ENABLE_EVT was sent. So modified this to fetch the local name which forces
400 the DM_ENABLE_EVT to be sent only after all the init steps are complete */
401 BTM_ReadLocalDeviceNameFromController((tBTM_CMPL_CB *)bta_dm_local_name_cback);
403 bta_sys_rm_register((tBTA_SYS_CONN_CBACK*)bta_dm_rm_cback);
405 /* initialize bluetooth low power manager */
408 bta_sys_policy_register((tBTA_SYS_CONN_CBACK*)bta_dm_policy_cback);
411 // BLUEDROID REMOVE ??
414 /* Create broadcom primary DI record */
415 if(WBT_ExtCreateRecord())
417 #if ( BTM_EIR_SERVER_INCLUDED == TRUE )&&( BTA_EIR_CANNED_UUID_LIST != TRUE )
418 /* while app_ready_timer is running, BTA DM doesn't send EIR to controller */
419 bta_dm_cb.app_ready_timer.p_cback = (TIMER_CBACK*)&bta_dm_app_ready_timer_cback;
420 bta_sys_start_timer(&bta_dm_cb.app_ready_timer, 0, 100);
422 bta_sys_add_uuid(UUID_SERVCLASS_PNP_INFORMATION);
424 bta_dm_di_cb.di_handle[bta_dm_di_cb.di_num] = 0; /* primary DI record */
425 bta_dm_di_cb.di_num ++;
427 #else /* Eventually implement pin code */
428 if (WBT_ExtCreateRecord())
432 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE)
433 memset (&app_uuid.uu.uuid128, 0x87, LEN_UUID_128);
434 bta_dm_gattc_register();
439 APPL_TRACE_DEBUG0(" --- ignored event");
444 /*******************************************************************************
446 ** Function bta_dm_disable
448 ** Description Disables the BT device manager
453 *******************************************************************************/
454 void bta_dm_disable (tBTA_DM_MSG *p_data)
456 /* Set l2cap idle timeout to 0 (so BTE immediately disconnects ACL link after last channel is closed) */
457 L2CA_SetIdleTimeoutByBdAddr((UINT8 *)BT_BD_ANY, 0);
459 /* disable all active subsystems */
460 bta_sys_disable(BTA_SYS_HW_BLUETOOTH);
462 BTM_SetDiscoverability(BTM_NON_DISCOVERABLE, 0, 0);
463 BTM_SetConnectability(BTM_NON_CONNECTABLE, 0, 0);
466 bta_dm_disable_search_and_disc();
467 bta_dm_cb.disabling = TRUE;
470 if(BTM_GetNumAclLinks()==0)
472 #if (defined(BTA_DISABLE_DELAY) && BTA_DISABLE_DELAY > 0)
473 /* If BTA_DISABLE_DELAY is defined and greater than zero, then delay the shutdown by
474 * BTA_DISABLE_DELAY milliseconds
476 APPL_TRACE_WARNING2("%s BTA_DISABLE_DELAY set to %d ms",
477 __FUNCTION__, BTA_DISABLE_DELAY);
478 bta_sys_stop_timer(&bta_dm_cb.disable_timer);
479 bta_dm_cb.disable_timer.p_cback = (TIMER_CBACK*)&bta_dm_disable_conn_down_timer_cback;
480 bta_sys_start_timer(&bta_dm_cb.disable_timer, 0, BTA_DISABLE_DELAY);
482 bta_dm_disable_conn_down_timer_cback(NULL);
487 bta_dm_cb.disable_timer.p_cback = (TIMER_CBACK*)&bta_dm_disable_timer_cback;
488 bta_sys_start_timer(&bta_dm_cb.disable_timer, 0, 5000);
493 /*******************************************************************************
495 ** Function bta_dm_disable_timer_cback
497 ** Description Called if the disable timer expires
498 ** Used to close ACL connections which are still active
504 *******************************************************************************/
505 static void bta_dm_disable_timer_cback (TIMER_LIST_ENT *p_tle)
510 APPL_TRACE_EVENT0(" bta_dm_disable_timer_cback ");
512 if(BTM_GetNumAclLinks())
514 for(i=0; i<bta_dm_cb.device_list.count; i++)
516 btm_remove_acl(bta_dm_cb.device_list.peer_device[i].peer_bdaddr);
523 bta_dm_cb.disabling = FALSE;
525 bta_sys_remove_uuid(UUID_SERVCLASS_PNP_INFORMATION);
526 bta_dm_cb.p_sec_cback(BTA_DM_DISABLE_EVT, NULL);
533 /*******************************************************************************
535 ** Function bta_dm_set_dev_name
537 ** Description Sets local device name
542 *******************************************************************************/
543 void bta_dm_set_dev_name (tBTA_DM_MSG *p_data)
546 BTM_SetLocalDeviceName((char*)p_data->set_name.name);
547 #if (BTM_EIR_SERVER_INCLUDED == TRUE)
548 bta_dm_set_eir ((char*)p_data->set_name.name);
552 /*******************************************************************************
554 ** Function bta_dm_set_visibility
556 ** Description Sets discoverability, connectability and pairability
561 *******************************************************************************/
562 void bta_dm_set_visibility (tBTA_DM_MSG *p_data)
566 /* set modes for Discoverability and connectability if not ignore */
567 if (p_data->set_visibility.disc_mode != BTA_DM_IGNORE)
568 BTM_SetDiscoverability((UINT8)p_data->set_visibility.disc_mode,
569 bta_dm_cb.inquiry_scan_window,
570 bta_dm_cb.inquiry_scan_interval);
572 if (p_data->set_visibility.conn_mode != BTA_DM_IGNORE)
573 BTM_SetConnectability((UINT8)p_data->set_visibility.conn_mode,
574 bta_dm_cb.page_scan_window,
575 bta_dm_cb.page_scan_interval);
577 /* Send False or True if not ignore */
578 if (p_data->set_visibility.pair_mode != BTA_DM_IGNORE )
581 if (p_data->set_visibility.pair_mode == BTA_DM_NON_PAIRABLE)
582 bta_dm_cb.disable_pair_mode = TRUE;
584 bta_dm_cb.disable_pair_mode = FALSE;
588 /* Send False or True if not ignore */
589 if (p_data->set_visibility.conn_paired_only != BTA_DM_IGNORE)
592 if (p_data->set_visibility.conn_paired_only == BTA_DM_CONN_ALL)
593 bta_dm_cb.conn_paired_only = FALSE;
595 bta_dm_cb.conn_paired_only = TRUE;
599 /* Change mode if either mode is not ignore */
600 if (p_data->set_visibility.pair_mode != BTA_DM_IGNORE || p_data->set_visibility.conn_paired_only != BTA_DM_IGNORE)
601 BTM_SetPairableMode((BOOLEAN)(!(bta_dm_cb.disable_pair_mode)),bta_dm_cb.conn_paired_only);
606 /*******************************************************************************
608 ** Function bta_dm_set_afhchannels
610 ** Description This function sets the AFH first and
611 ** last disable channel, so channels within
612 ** that range are disabled.
617 *******************************************************************************/
618 void bta_dm_set_afhchannels (tBTA_DM_MSG *p_data)
620 BTM_SetAfhChannels(p_data->set_afhchannels.first,p_data->set_afhchannels.last);
625 /*******************************************************************************
627 ** Function bta_dm_vendor_spec_command
629 ** Description Send a vendor specific command to the controller
634 *******************************************************************************/
635 void bta_dm_vendor_spec_command (tBTA_DM_MSG *p_data)
639 status = BTM_VendorSpecificCommand(p_data->vendor_command.opcode,p_data->vendor_command.param_len,p_data->vendor_command.p_param_buf, p_data->vendor_command.p_cback);
644 /*******************************************************************************
646 ** Function bta_dm_tx_inqpower
648 ** Description write inquiry tx power.
653 *******************************************************************************/
654 void bta_dm_tx_inqpower(tBTA_DM_MSG *p_data)
656 if (BTM_WriteInquiryTxPower (p_data->tx_inq_pwr.tx_power) == BTM_ILLEGAL_VALUE)
658 APPL_TRACE_ERROR1("Invalid Inquiry Tx Power: %d", p_data->tx_inq_pwr.tx_power);
663 /*******************************************************************************
665 ** Function bta_dm_remove_device
667 ** Description Removes device, Disconnects ACL link if required.
669 *******************************************************************************/
670 void bta_dm_remove_device (tBTA_DM_MSG *p_data)
672 tBTA_DM_API_REMOVE_DEVICE *p_dev = &p_data->remove_dev;
674 tBTA_DM_SEC sec_event;
676 if (BTM_IsAclConnectionUp(p_dev->bd_addr))
678 /* Take the link down first, and mark the device for removal when disconnected */
679 btm_remove_acl( p_dev->bd_addr) ;
681 for(i=0; i<bta_dm_cb.device_list.count; i++)
683 if(!bdcmp( bta_dm_cb.device_list.peer_device[i].peer_bdaddr, p_dev->bd_addr))
687 if(i < bta_dm_cb.device_list.count)
689 bta_dm_cb.device_list.peer_device[i].conn_state = BTA_DM_UNPAIRING;
692 else /* Ok to remove the device in application layer */
694 BTM_SecDeleteDevice(p_dev->bd_addr);
695 if( bta_dm_cb.p_sec_cback )
697 bdcpy(sec_event.link_down.bd_addr, p_dev->bd_addr);
698 /* No connection, set status to success (acl disc code not valid) */
699 sec_event.link_down.status = HCI_SUCCESS;
700 bta_dm_cb.p_sec_cback(BTA_DM_DEV_UNPAIRED_EVT, &sec_event);
705 /*******************************************************************************
707 ** Function bta_dm_add_device
709 ** Description This function adds a Link Key to an security database entry.
710 ** It is normally called during host startup to restore all required information
711 ** stored in the NVRAM.
713 *******************************************************************************/
714 void bta_dm_add_device (tBTA_DM_MSG *p_data)
716 tBTA_DM_API_ADD_DEVICE *p_dev = &p_data->add_dev;
719 UINT32 trusted_services_mask[BTM_SEC_SERVICE_ARRAY_SIZE];
721 UINT8 btm_mask_index = 0;
723 memset (trusted_services_mask, 0, sizeof(trusted_services_mask));
725 /* If not all zeros, the device class has been specified */
727 p_dc = (UINT8 *)p_dev->dc;
729 if (p_dev->link_key_known)
730 p_lc = (UINT8 *)p_dev->link_key;
732 if (p_dev->is_trusted)
734 /* covert BTA service mask to BTM mask */
735 while (p_dev->tm && (index < BTA_MAX_SERVICE_ID))
737 if (p_dev->tm & (UINT32)(1<<index))
740 btm_mask_index = bta_service_id_to_btm_srv_id_lkup_tbl[index] / BTM_SEC_ARRAY_BITS;
741 trusted_services_mask[btm_mask_index] |= (UINT32)(1 << (bta_service_id_to_btm_srv_id_lkup_tbl[index] - (UINT32)(btm_mask_index * 32)));
743 p_dev->tm &= (UINT32)(~(1<<index));
750 if (!BTM_SecAddDevice (p_dev->bd_addr, p_dc, p_dev->bd_name, p_dev->features,
751 trusted_services_mask, p_lc, p_dev->key_type, p_dev->io_cap))
753 APPL_TRACE_ERROR2 ("BTA_DM: Error adding device %08x%04x",
754 (p_dev->bd_addr[0]<<24)+(p_dev->bd_addr[1]<<16)+(p_dev->bd_addr[2]<<8)+p_dev->bd_addr[3],
755 (p_dev->bd_addr[4]<<8)+p_dev->bd_addr[5]);
759 /*******************************************************************************
761 ** Function bta_dm_close_acl
763 ** Description This function forces to close the connection to a remote device
764 ** and optionaly remove the device from security database if
767 *******************************************************************************/
768 void bta_dm_close_acl(tBTA_DM_MSG *p_data)
770 tBTA_DM_API_REMOVE_ACL *p_remove_acl = &p_data->remove_acl;
773 APPL_TRACE_DEBUG0("bta_dm_close_acl");
775 if (BTM_IsAclConnectionUp(p_remove_acl->bd_addr))
777 for (index = 0; index < bta_dm_cb.device_list.count; index ++)
779 if (!bdcmp( bta_dm_cb.device_list.peer_device[index].peer_bdaddr, p_remove_acl->bd_addr))
782 if (index != bta_dm_cb.device_list.count)
784 if (p_remove_acl->remove_dev)
785 bta_dm_cb.device_list.peer_device[index].remove_dev_pending = TRUE;
789 APPL_TRACE_ERROR0("unknown device, remove ACL failed");
791 /* Disconnect the ACL link */
792 btm_remove_acl(p_remove_acl->bd_addr);
794 /* if to remove the device from security database ? do it now */
795 else if (p_remove_acl->remove_dev)
797 if (!BTM_SecDeleteDevice(p_remove_acl->bd_addr))
799 APPL_TRACE_ERROR0("delete device from security database failed.");
801 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE)
802 /* need to remove all pending background connection if any */
803 BTA_GATTC_CancelOpen(0, p_remove_acl->bd_addr, FALSE);
804 /* remove all cached GATT information */
805 BTA_GATTC_Refresh(p_remove_acl->bd_addr);
808 /* otherwise, no action needed */
811 /*******************************************************************************
813 ** Function bta_dm_bond
815 ** Description Bonds with peer device
820 *******************************************************************************/
821 void bta_dm_bond (tBTA_DM_MSG *p_data)
824 tBTA_DM_SEC sec_event;
827 status = BTM_SecBond ( p_data->bond.bd_addr, 0, NULL, 0 );
829 if (bta_dm_cb.p_sec_cback && (status != BTM_CMD_STARTED))
832 p_name = BTM_SecReadDevName(p_data->bond.bd_addr);
836 memset(&sec_event, 0, sizeof(tBTA_DM_SEC));
837 bdcpy(sec_event.auth_cmpl.bd_addr, p_data->bond.bd_addr);
838 memcpy(sec_event.auth_cmpl.bd_name, p_name, (BD_NAME_LEN-1));
839 sec_event.auth_cmpl.bd_name[BD_NAME_LEN-1] = 0;
841 /* taken care of by memset [above]
842 sec_event.auth_cmpl.key_present = FALSE;
843 sec_event.auth_cmpl.success = FALSE;
845 sec_event.auth_cmpl.fail_reason = HCI_ERR_ILLEGAL_COMMAND;
846 if (status == BTM_SUCCESS)
848 sec_event.auth_cmpl.success = TRUE;
852 /* delete this device entry from Sec Dev DB */
853 bta_dm_remove_sec_dev_entry(p_data->bond.bd_addr);
855 bta_dm_cb.p_sec_cback(BTA_DM_AUTH_CMPL_EVT, &sec_event);
860 /*******************************************************************************
862 ** Function bta_dm_bond_cancel
864 ** Description Cancels bonding with a peer device
869 *******************************************************************************/
870 void bta_dm_bond_cancel (tBTA_DM_MSG *p_data)
873 tBTA_DM_SEC sec_event;
875 APPL_TRACE_EVENT0(" bta_dm_bond_cancel ");
876 status = BTM_SecBondCancel ( p_data->bond_cancel.bd_addr );
878 if (bta_dm_cb.p_sec_cback && (status != BTM_CMD_STARTED && status != BTM_SUCCESS))
880 sec_event.bond_cancel_cmpl.result = BTA_FAILURE;
882 bta_dm_cb.p_sec_cback(BTA_DM_BOND_CANCEL_CMPL_EVT, &sec_event);
887 /*******************************************************************************
889 ** Function bta_dm_pin_reply
891 ** Description Send the pin_reply to a request from BTM
896 *******************************************************************************/
897 void bta_dm_pin_reply (tBTA_DM_MSG *p_data)
899 UINT32 trusted_mask[BTM_SEC_SERVICE_ARRAY_SIZE];
900 UINT32 * current_trusted_mask;
902 current_trusted_mask = BTM_ReadTrustedMask(p_data->pin_reply.bd_addr);
904 if(current_trusted_mask)
906 memcpy(trusted_mask, current_trusted_mask, sizeof(trusted_mask));
910 memset(trusted_mask, 0, sizeof(trusted_mask));
913 if(p_data->pin_reply.accept)
916 BTM_PINCodeReply(p_data->pin_reply.bd_addr, BTM_SUCCESS, p_data->pin_reply.pin_len, p_data->pin_reply.p_pin, trusted_mask );
920 BTM_PINCodeReply(p_data->pin_reply.bd_addr, BTM_NOT_AUTHORIZED, 0, NULL, trusted_mask );
925 /*******************************************************************************
927 ** Function bta_dm_link_policy
929 ** Description remove/set link policy mask.
930 ** wake the link, is sniff/park is removed
934 *******************************************************************************/
935 void bta_dm_link_policy (tBTA_DM_MSG *p_data)
937 tBTA_DM_PEER_DEVICE *p_dev;
939 p_dev = bta_dm_find_peer_device(p_data->link_policy.bd_addr);
943 APPL_TRACE_DEBUG2(" bta_dm_link_policy set:%d, policy:0x%x",
944 p_data->link_policy.set, p_data->link_policy.policy_mask);
945 if(p_data->link_policy.set)
947 /* restore the default link policy */
948 p_dev->link_policy |= p_data->link_policy.policy_mask;
949 BTM_SetLinkPolicy(p_dev->peer_bdaddr, &(p_dev->link_policy));
953 /* clear the policy from the default link policy */
954 p_dev->link_policy &= (~p_data->link_policy.policy_mask);
955 BTM_SetLinkPolicy(p_dev->peer_bdaddr, &(p_dev->link_policy));
957 if(p_data->link_policy.policy_mask & (HCI_ENABLE_SNIFF_MODE | HCI_ENABLE_PARK_MODE))
959 /* if clearing sniff/park, wake the link */
960 bta_dm_pm_active(p_dev->peer_bdaddr);
965 /*******************************************************************************
967 ** Function bta_dm_policy_cback
969 ** Description process the link policy changes
973 *******************************************************************************/
974 static void bta_dm_policy_cback(tBTA_SYS_CONN_STATUS status, UINT8 id, UINT8 app_id, BD_ADDR peer_addr)
976 tBTA_DM_PEER_DEVICE *p_dev = NULL;
977 UINT16 policy = app_id;
978 UINT32 mask = (UINT32)(1 << id);
981 p_dev = bta_dm_find_peer_device(peer_addr);
983 APPL_TRACE_DEBUG2(" bta_dm_policy_cback cmd:%d, policy:0x%x",
987 case BTA_SYS_PLCY_SET:
990 /* restore the default link policy */
991 p_dev->link_policy |= policy;
992 BTM_SetLinkPolicy(p_dev->peer_bdaddr, &(p_dev->link_policy));
995 case BTA_SYS_PLCY_CLR:
998 /* clear the policy from the default link policy */
999 p_dev->link_policy &= (~policy);
1000 BTM_SetLinkPolicy(p_dev->peer_bdaddr, &(p_dev->link_policy));
1002 if(policy & (HCI_ENABLE_SNIFF_MODE | HCI_ENABLE_PARK_MODE))
1004 /* if clearing sniff/park, wake the link */
1005 bta_dm_pm_active(p_dev->peer_bdaddr);
1009 case BTA_SYS_PLCY_DEF_SET:
1010 /* want to restore/set the role switch policy */
1011 bta_dm_cb.role_policy_mask &= ~mask;
1012 if(0 == bta_dm_cb.role_policy_mask)
1014 /* if nobody wants to insist on the role */
1015 bta_dm_cb.cur_policy |= HCI_ENABLE_MASTER_SLAVE_SWITCH;
1016 BTM_SetDefaultLinkPolicy(bta_dm_cb.cur_policy);
1020 case BTA_SYS_PLCY_DEF_CLR:
1021 /* want to remove the role switch policy */
1022 bta_dm_cb.role_policy_mask |= mask;
1023 bta_dm_cb.cur_policy &= ~HCI_ENABLE_MASTER_SLAVE_SWITCH;
1024 BTM_SetDefaultLinkPolicy(bta_dm_cb.cur_policy);
1030 /*******************************************************************************
1032 ** Function bta_dm_auth_reply
1034 ** Description Send the authorization reply to a request from BTM
1039 *******************************************************************************/
1040 void bta_dm_auth_reply (tBTA_DM_MSG *p_data)
1043 UINT32 trusted_mask[BTM_SEC_SERVICE_ARRAY_SIZE];
1044 UINT8 btm_mask_index = 0;
1045 UINT32 * current_trusted_mask;
1047 current_trusted_mask = BTM_ReadTrustedMask(p_data->auth_reply.bd_addr);
1049 if(current_trusted_mask)
1051 memcpy(trusted_mask, current_trusted_mask, sizeof(trusted_mask));
1055 memset(trusted_mask, 0, sizeof(trusted_mask));
1058 if(p_data->auth_reply.response != BTA_DM_NOT_AUTH)
1060 if(p_data->auth_reply.response == BTA_DM_AUTH_PERM)
1062 if(p_data->auth_reply.service < BTA_MAX_SERVICE_ID)
1064 /* convert BTA service id to BTM mask */
1065 btm_mask_index = bta_service_id_to_btm_srv_id_lkup_tbl[p_data->auth_reply.service] / 32;
1066 trusted_mask[btm_mask_index] |= (UINT32)(1 << (bta_service_id_to_btm_srv_id_lkup_tbl[p_data->auth_reply.service] - (UINT32)(btm_mask_index * 32)));
1070 BTM_DeviceAuthorized (p_data->auth_reply.bd_addr, BTM_SUCCESS,trusted_mask);
1074 BTM_DeviceAuthorized (p_data->auth_reply.bd_addr, BTM_NOT_AUTHORIZED,trusted_mask);
1079 /*******************************************************************************
1081 ** Function bta_dm_confirm
1083 ** Description Send the user confirm request reply in response to a
1088 *******************************************************************************/
1089 void bta_dm_confirm(tBTA_DM_MSG *p_data)
1091 tBTM_STATUS res = BTM_NOT_AUTHORIZED;
1093 if(p_data->confirm.accept == TRUE)
1095 BTM_ConfirmReqReply(res, p_data->confirm.bd_addr);
1098 /*******************************************************************************
1100 ** Function bta_dm_passkey_cancel
1102 ** Description Send the passkey cancel from SP initiator by sending a negative
1103 ** passkey request replyreply.
1106 *******************************************************************************/
1107 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE)
1108 void bta_dm_passkey_cancel(tBTA_DM_MSG *p_data)
1110 BTM_PasskeyReqReply(BTM_NOT_AUTHORIZED, p_data->passkey_cancel.bd_addr, 0);
1114 /*******************************************************************************
1116 ** Function bta_dm_loc_oob
1118 ** Description Retrieve the OOB data from the local LM
1122 *******************************************************************************/
1123 #if (BTM_OOB_INCLUDED == TRUE)
1124 void bta_dm_loc_oob(tBTA_DM_MSG *p_data)
1126 BTM_ReadLocalOobData();
1129 /*******************************************************************************
1131 ** Function bta_dm_ci_io_req_act
1133 ** Description respond to the IO capabilities request from BTM
1137 *******************************************************************************/
1138 void bta_dm_ci_io_req_act(tBTA_DM_MSG *p_data)
1140 tBTM_AUTH_REQ auth_req = BTM_AUTH_AP_NO;
1141 if(p_data->ci_io_req.auth_req)
1142 auth_req = BTM_AUTH_AP_YES;
1143 BTM_IoCapRsp(p_data->ci_io_req.bd_addr, p_data->ci_io_req.io_cap,
1144 p_data->ci_io_req.oob_data, auth_req);
1147 /*******************************************************************************
1149 ** Function bta_dm_ci_rmt_oob_act
1151 ** Description respond to the OOB data request for the remote device from BTM
1156 *******************************************************************************/
1157 void bta_dm_ci_rmt_oob_act(tBTA_DM_MSG *p_data)
1159 tBTM_STATUS res = BTM_NOT_AUTHORIZED;
1161 if(p_data->ci_rmt_oob.accept == TRUE)
1163 BTM_RemoteOobDataReply(res, p_data->ci_rmt_oob.bd_addr,
1164 p_data->ci_rmt_oob.c, p_data->ci_rmt_oob.r );
1166 #endif /* BTM_OOB_INCLUDED */
1168 /*******************************************************************************
1170 ** Function bta_dm_search_start
1172 ** Description Starts an inquiry
1177 *******************************************************************************/
1178 void bta_dm_search_start (tBTA_DM_MSG *p_data)
1180 tBTM_INQUIRY_CMPL result;
1182 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE)
1183 UINT16 len = (UINT16)(sizeof(tBT_UUID) * p_data->search.num_uuid);
1186 APPL_TRACE_DEBUG1("bta_dm_search_start avoid_scatter=%d", bta_dm_cfg.avoid_scatter);
1187 if (bta_dm_cfg.avoid_scatter &&
1188 (p_data->search.rs_res == BTA_DM_RS_NONE) && bta_dm_check_av(BTA_DM_API_SEARCH_EVT))
1190 memcpy(&bta_dm_cb.search_msg, &p_data->search, sizeof(tBTA_DM_API_SEARCH));
1194 BTM_ClearInqDb(NULL);
1195 /* save search params */
1196 bta_dm_search_cb.p_search_cback = p_data->search.p_cback;
1197 bta_dm_search_cb.services = p_data->search.services;
1199 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE)
1200 utl_freebuf((void **)&bta_dm_search_cb.p_srvc_uuid);
1202 if ((bta_dm_search_cb.num_uuid = p_data->search.num_uuid) != 0 &&
1203 p_data->search.p_uuid != NULL)
1205 if ((bta_dm_search_cb.p_srvc_uuid = (tBT_UUID *)GKI_getbuf(len)) == NULL)
1207 APPL_TRACE_ERROR0("bta_dm_search_start no resources");
1209 result.status = BTA_FAILURE;
1210 result.num_resp = 0;
1211 bta_dm_inq_cmpl_cb ((void *)&result);
1214 // bta_dm_search_cb.p_srvc_uuid = (tBT_UUID *)GKI_getbuf(len);
1215 memcpy(bta_dm_search_cb.p_srvc_uuid, p_data->search.p_uuid, len);
1218 result.status = BTM_StartInquiry( (tBTM_INQ_PARMS*)&p_data->search.inq_params,
1219 bta_dm_inq_results_cb,
1220 (tBTM_CMPL_CB*) bta_dm_inq_cmpl_cb);
1222 APPL_TRACE_EVENT1("bta_dm_search_start status=%d", result.status);
1223 if (result.status != BTM_CMD_STARTED)
1225 result.num_resp = 0;
1226 bta_dm_inq_cmpl_cb ((void *)&result);
1231 /*******************************************************************************
1233 ** Function bta_dm_search_cancel
1235 ** Description Cancels an ongoing search for devices
1240 *******************************************************************************/
1241 void bta_dm_search_cancel (tBTA_DM_MSG *p_data)
1244 tBTA_DM_MSG * p_msg;
1246 if(BTM_IsInquiryActive())
1248 BTM_CancelInquiry();
1249 bta_dm_search_cancel_notify(NULL);
1251 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1253 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
1254 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT;
1255 bta_sys_sendmsg(p_msg);
1259 /* If no Service Search going on then issue cancel remote name in case it is active */
1260 else if (!bta_dm_search_cb.name_discover_done)
1262 BTM_CancelRemoteDeviceName();
1264 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
1265 if (bta_dm_search_cb.gatt_disc_active)
1267 bta_dm_cancel_gatt_discovery(bta_dm_search_cb.peer_bdaddr);
1272 /*******************************************************************************
1274 ** Function bta_dm_discover
1276 ** Description Discovers services on a remote device
1281 *******************************************************************************/
1282 void bta_dm_discover (tBTA_DM_MSG *p_data)
1284 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
1285 UINT16 len = (UINT16)(sizeof(tBT_UUID) * p_data->discover.num_uuid);
1287 APPL_TRACE_EVENT2("bta_dm_discover services_to_search=0x%04X, sdp_search=%d",
1288 p_data->discover.services, p_data->discover.sdp_search);
1290 /* save the search condition */
1291 bta_dm_search_cb.services = p_data->discover.services;
1293 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
1294 utl_freebuf((void **)&bta_dm_search_cb.p_srvc_uuid);
1295 if ((bta_dm_search_cb.num_uuid = p_data->discover.num_uuid) != 0 &&
1296 p_data->discover.p_uuid != NULL)
1298 if ((bta_dm_search_cb.p_srvc_uuid = (tBT_UUID *)GKI_getbuf(len)) == NULL)
1300 p_data->discover.p_cback(BTA_DM_DISC_CMPL_EVT, NULL);
1303 memcpy(bta_dm_search_cb.p_srvc_uuid, p_data->discover.p_uuid, len);
1305 bta_dm_search_cb.uuid_to_search = bta_dm_search_cb.num_uuid;
1308 bta_dm_search_cb.p_search_cback = p_data->discover.p_cback;
1309 bta_dm_search_cb.sdp_search = p_data->discover.sdp_search;
1310 bta_dm_search_cb.services_to_search = bta_dm_search_cb.services;
1311 bta_dm_search_cb.service_index = 0;
1312 bta_dm_search_cb.services_found = 0;
1313 bta_dm_search_cb.peer_name[0] = 0;
1314 bta_dm_search_cb.sdp_search = p_data->discover.sdp_search;
1315 bta_dm_search_cb.p_btm_inq_info = BTM_InqDbRead (p_data->discover.bd_addr);
1317 bta_dm_search_cb.name_discover_done = FALSE;
1318 memcpy(&bta_dm_search_cb.uuid, &p_data->discover.uuid, sizeof(tSDP_UUID));
1319 bta_dm_discover_device(p_data->discover.bd_addr);
1322 /*******************************************************************************
1324 ** Function bta_dm_di_disc_cmpl
1326 ** Description Sends event to application when DI discovery complete
1330 *******************************************************************************/
1331 void bta_dm_di_disc_cmpl(tBTA_DM_MSG *p_data)
1333 tBTA_DM_DI_DISC_CMPL di_disc;
1335 memset(&di_disc, 0, sizeof(tBTA_DM_DI_DISC_CMPL));
1336 bdcpy(di_disc.bd_addr, bta_dm_search_cb.peer_bdaddr);
1338 if((p_data->hdr.offset == SDP_SUCCESS)
1339 || (p_data->hdr.offset == SDP_DB_FULL))
1341 di_disc.num_record = SDP_GetNumDiRecords(bta_dm_di_cb.p_di_db);
1344 di_disc.result = BTA_FAILURE;
1346 bta_dm_di_cb.p_di_db = NULL;
1347 bta_dm_search_cb.p_search_cback(BTA_DM_DI_DISC_CMPL_EVT, (tBTA_DM_SEARCH *) &di_disc);
1350 /*******************************************************************************
1352 ** Function bta_dm_di_disc_callback
1354 ** Description This function queries a remote device for DI information.
1359 *******************************************************************************/
1360 static void bta_dm_di_disc_callback(UINT16 result)
1362 tBTA_DM_MSG * p_msg;
1364 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1366 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
1367 p_msg->hdr.layer_specific = BTA_DM_API_DI_DISCOVER_EVT;
1368 p_msg->hdr.offset = result;
1369 bta_sys_sendmsg(p_msg);
1373 /*******************************************************************************
1375 ** Function bta_dm_disable_search_and_disc
1377 ** Description Cancels an ongoing search or discovery for devices in case of
1378 ** a Bluetooth disable
1383 *******************************************************************************/
1384 static void bta_dm_disable_search_and_disc (void)
1386 tBTA_DM_DI_DISC_CMPL di_disc;
1387 tBTA_DM_MSG * p_msg;
1389 if(BTM_IsInquiryActive()||(bta_dm_search_cb.state != BTA_DM_SEARCH_IDLE))
1391 BTM_CancelInquiry();
1392 bta_dm_search_cancel_notify(NULL);
1394 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1396 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
1397 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT;
1398 bta_sys_sendmsg(p_msg);
1402 /* If no Service Search going on then issue cancel remote name in case it is active */
1403 else if (!bta_dm_search_cb.name_discover_done)
1405 BTM_CancelRemoteDeviceName();
1407 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1409 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
1410 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT;
1411 bta_sys_sendmsg(p_msg);
1414 else if(bta_dm_di_cb.p_di_db != NULL)
1416 memset(&di_disc, 0, sizeof(tBTA_DM_DI_DISC_CMPL));
1417 bdcpy(di_disc.bd_addr, bta_dm_search_cb.peer_bdaddr);
1418 di_disc.result = BTA_FAILURE;
1420 bta_dm_di_cb.p_di_db = NULL;
1421 bta_dm_search_cb.p_search_cback(BTA_DM_DI_DISC_CMPL_EVT, NULL);
1424 #if (BLE_INCLUDED == TRUE) && (BTA_GATT_INCLUDED == TRUE)
1425 if (bta_dm_search_cb.gatt_disc_active)
1427 bta_dm_cancel_gatt_discovery(bta_dm_search_cb.peer_bdaddr);
1432 /*******************************************************************************
1434 ** Function bta_dm_di_disc
1436 ** Description This function queries a remote device for DI information.
1441 *******************************************************************************/
1442 void bta_dm_di_disc (tBTA_DM_MSG *p_data)
1444 UINT16 result = BTA_FAILURE;
1447 bta_dm_search_cb.p_search_cback = p_data->di_disc.p_cback;
1448 bdcpy(bta_dm_search_cb.peer_bdaddr, p_data->di_disc.bd_addr);
1449 bta_dm_di_cb.p_di_db = p_data->di_disc.p_sdp_db;
1451 if((bta_dm_search_cb.p_sdp_db = (tSDP_DISCOVERY_DB *)GKI_getbuf(BTA_DM_SDP_DB_SIZE)) != NULL)
1453 if ( SDP_DiDiscover(bta_dm_search_cb.peer_bdaddr, p_data->di_disc.p_sdp_db,
1454 p_data->di_disc.len, bta_dm_di_disc_callback) == SDP_SUCCESS)
1456 result = BTA_SUCCESS;
1461 APPL_TRACE_ERROR0("No buffer to start DI discovery");
1464 if ( result == BTA_FAILURE &&
1465 (p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1467 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
1468 p_msg->hdr.layer_specific = BTA_DM_API_DI_DISCOVER_EVT;
1469 p_data->hdr.offset = result;
1470 bta_sys_sendmsg(p_msg);
1474 /*******************************************************************************
1476 ** Function bta_dm_read_remote_device_name
1478 ** Description Initiate to get remote device name
1480 ** Returns TRUE if started to get remote name
1482 *******************************************************************************/
1483 static BOOLEAN bta_dm_read_remote_device_name (BD_ADDR bd_addr)
1485 tBTM_STATUS btm_status;
1487 APPL_TRACE_DEBUG0("bta_dm_read_remote_device_name");
1489 bdcpy(bta_dm_search_cb.peer_bdaddr, bd_addr);
1490 bta_dm_search_cb.peer_name[0] = 0;
1492 btm_status = BTM_ReadRemoteDeviceName (bta_dm_search_cb.peer_bdaddr,
1493 (tBTM_CMPL_CB *) bta_dm_remname_cback);
1495 if ( btm_status == BTM_CMD_STARTED )
1497 APPL_TRACE_DEBUG0("bta_dm_read_remote_device_name: BTM_ReadRemoteDeviceName is started");
1501 else if ( btm_status == BTM_BUSY )
1503 APPL_TRACE_DEBUG0("bta_dm_read_remote_device_name: BTM_ReadRemoteDeviceName is busy");
1505 /* Remote name discovery is on going now so BTM cannot notify through "bta_dm_remname_cback" */
1506 /* adding callback to get notified that current reading remore name done */
1507 BTM_SecAddRmtNameNotifyCallback(&bta_dm_service_search_remname_cback);
1513 APPL_TRACE_WARNING1("bta_dm_read_remote_device_name: BTM_ReadRemoteDeviceName returns 0x%02X", btm_status);
1519 /*******************************************************************************
1521 ** Function bta_dm_inq_cmpl
1523 ** Description Process the inquiry complete event from BTM
1527 *******************************************************************************/
1528 void bta_dm_inq_cmpl (tBTA_DM_MSG *p_data)
1530 tBTA_DM_MSG * p_msg;
1531 tBTA_DM_SEARCH data;
1533 APPL_TRACE_DEBUG0("bta_dm_inq_cmpl");
1535 data.inq_cmpl.num_resps = p_data->inq_cmpl.num;
1536 bta_dm_search_cb.p_search_cback(BTA_DM_INQ_CMPL_EVT, &data);
1538 if((bta_dm_search_cb.p_btm_inq_info = BTM_InqDbFirst()) != NULL)
1540 /* start name and service discovery from the first device on inquiry result */
1541 bta_dm_search_cb.name_discover_done = FALSE;
1542 bta_dm_search_cb.peer_name[0] = 0;
1543 bta_dm_discover_device(bta_dm_search_cb.p_btm_inq_info->results.remote_bd_addr);
1547 /* no devices, search complete */
1548 bta_dm_search_cb.services = 0;
1550 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1552 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
1553 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT;
1554 bta_sys_sendmsg(p_msg);
1559 /*******************************************************************************
1561 ** Function bta_dm_rmt_name
1563 ** Description Process the remote name result from BTM
1567 *******************************************************************************/
1568 void bta_dm_rmt_name (tBTA_DM_MSG *p_data)
1570 APPL_TRACE_DEBUG0("bta_dm_rmt_name");
1572 if( p_data->rem_name.result.disc_res.bd_name[0] && bta_dm_search_cb.p_btm_inq_info)
1574 bta_dm_search_cb.p_btm_inq_info->appl_knows_rem_name = TRUE;
1577 bta_dm_discover_device(bta_dm_search_cb.peer_bdaddr);
1580 /*******************************************************************************
1582 ** Function bta_dm_disc_rmt_name
1584 ** Description Process the remote name result from BTM when application
1585 ** wants to find the name for a bdaddr
1589 *******************************************************************************/
1590 void bta_dm_disc_rmt_name (tBTA_DM_MSG *p_data)
1592 tBTM_INQ_INFO *p_btm_inq_info;
1594 APPL_TRACE_DEBUG0("bta_dm_disc_rmt_name");
1596 p_btm_inq_info = BTM_InqDbRead (p_data->rem_name.result.disc_res.bd_addr);
1597 if( p_btm_inq_info )
1599 if( p_data->rem_name.result.disc_res.bd_name[0] )
1601 p_btm_inq_info->appl_knows_rem_name = TRUE;
1605 bta_dm_discover_device(p_data->rem_name.result.disc_res.bd_addr);
1608 /*******************************************************************************
1610 ** Function bta_dm_sdp_result
1612 ** Description Process the discovery result from sdp
1616 *******************************************************************************/
1617 void bta_dm_sdp_result (tBTA_DM_MSG *p_data)
1620 tSDP_DISC_REC *p_sdp_rec = NULL;
1622 BOOLEAN service_found = FALSE;
1623 BOOLEAN scn_found = FALSE;
1624 UINT16 service = 0xFFFF;
1625 tSDP_PROTOCOL_ELEM pe;
1627 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
1628 tBT_UUID *p_uuid = bta_dm_search_cb.p_srvc_uuid;
1629 tBTA_DM_SEARCH result;
1630 tBT_UUID service_uuid;
1633 UINT32 num_uuids = 0;
1634 UINT8 uuid_list[32][MAX_UUID_SIZE]; // assuming a max of 32 services
1636 if((p_data->sdp_event.sdp_result == SDP_SUCCESS)
1637 || (p_data->sdp_event.sdp_result == SDP_NO_RECS_MATCH)
1638 || (p_data->sdp_event.sdp_result == SDP_DB_FULL))
1640 APPL_TRACE_DEBUG1("sdp_result::0x%x", p_data->sdp_event.sdp_result);
1644 service_found = FALSE;
1646 if( bta_dm_search_cb.service_index == (BTA_USER_SERVICE_ID+1) )
1648 p_sdp_rec = SDP_FindServiceUUIDInDb(bta_dm_search_cb.p_sdp_db, &bta_dm_search_cb.uuid, p_sdp_rec);
1650 if (p_sdp_rec && SDP_FindProtocolListElemInRec(p_sdp_rec, UUID_PROTOCOL_RFCOMM, &pe))
1652 bta_dm_search_cb.peer_scn = (UINT8) pe.params[0];
1658 service = bta_service_id_to_uuid_lkup_tbl[bta_dm_search_cb.service_index-1];
1659 p_sdp_rec = SDP_FindServiceInDb(bta_dm_search_cb.p_sdp_db, service, p_sdp_rec);
1661 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
1662 /* finished with BR/EDR services, now we check the result for GATT based service UUID */
1663 if (bta_dm_search_cb.service_index == BTA_MAX_SERVICE_ID)
1665 if (bta_dm_search_cb.uuid_to_search != 0 && p_uuid != NULL)
1667 p_uuid += (bta_dm_search_cb.num_uuid - bta_dm_search_cb.uuid_to_search);
1668 /* only support 16 bits UUID for now */
1669 service = p_uuid->uu.uuid16;
1672 /* all GATT based services */
1675 /* find a service record, report it */
1676 p_sdp_rec = SDP_FindServiceInDb(bta_dm_search_cb.p_sdp_db,
1680 if (SDP_FindServiceUUIDInRec(p_sdp_rec, &service_uuid))
1682 /* send result back to app now, one by one */
1683 bdcpy (result.disc_ble_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
1684 BCM_STRNCPY_S((char*)result.disc_ble_res.bd_name, sizeof(BD_NAME), bta_dm_get_remname(), (BD_NAME_LEN));
1685 result.disc_ble_res.bd_name[BD_NAME_LEN] = 0;
1686 result.disc_ble_res.service.len = service_uuid.len;
1687 result.disc_ble_res.service.uu.uuid16 = service_uuid.uu.uuid16;
1689 bta_dm_search_cb.p_search_cback(BTA_DM_DISC_BLE_RES_EVT, &result);
1693 if (bta_dm_search_cb.uuid_to_search > 0)
1696 } while (p_sdp_rec);
1701 /* SDP_DB_FULL means some records with the
1702 required attributes were received */
1703 if(((p_data->sdp_event.sdp_result == SDP_DB_FULL) &&
1704 bta_dm_search_cb.services != BTA_ALL_SERVICE_MASK) ||
1705 (p_sdp_rec != NULL))
1707 /* If Plug and Play service record, check to see if Broadcom stack */
1708 if (service == UUID_SERVCLASS_PNP_INFORMATION)
1712 if (SDP_FindAttributeInRec (p_sdp_rec, ATTR_ID_EXT_BRCM_VERSION))
1714 service_found = TRUE;
1720 service_found = TRUE;
1725 UINT16 tmp_svc = 0xFFFF;
1726 bta_dm_search_cb.services_found |=
1727 (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(bta_dm_search_cb.service_index-1));
1728 tmp_svc = bta_service_id_to_uuid_lkup_tbl[bta_dm_search_cb.service_index-1];
1729 /* Add to the list of UUIDs */
1730 sdpu_uuid16_to_uuid128(tmp_svc, uuid_list[num_uuids]);
1736 if(bta_dm_search_cb.services == BTA_ALL_SERVICE_MASK &&
1737 bta_dm_search_cb.services_to_search == 0)
1739 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
1740 if ( bta_dm_search_cb.service_index == BTA_BLE_SERVICE_ID &&
1741 bta_dm_search_cb.uuid_to_search > 0)
1742 bta_dm_search_cb.uuid_to_search --;
1744 if (bta_dm_search_cb.uuid_to_search == 0 ||
1745 bta_dm_search_cb.service_index != BTA_BLE_SERVICE_ID)
1747 bta_dm_search_cb.service_index++;
1749 else /* regular one service per search or PNP search */
1753 while(bta_dm_search_cb.service_index <= BTA_MAX_SERVICE_ID);
1755 // GKI_freebuf(bta_dm_search_cb.p_sdp_db);
1756 // bta_dm_search_cb.p_sdp_db = NULL;
1757 APPL_TRACE_DEBUG1("bta_dm_sdp_result services_found = %04x", bta_dm_search_cb.services_found);
1759 /* Collect the 128-bit services here and put them into the list */
1760 if(bta_dm_search_cb.services == BTA_ALL_SERVICE_MASK)
1766 /* find a service record, report it */
1767 p_sdp_rec = SDP_FindServiceInDb_128bit(bta_dm_search_cb.p_sdp_db, p_sdp_rec);
1770 if (SDP_FindServiceUUIDInRec_128bit(p_sdp_rec, &temp_uuid))
1772 memcpy(uuid_list[num_uuids], temp_uuid.uu.uuid128, MAX_UUID_SIZE);
1776 } while (p_sdp_rec);
1778 /* if there are more services to search for */
1779 if(bta_dm_search_cb.services_to_search)
1781 /* Free up the p_sdp_db before checking the next one */
1782 bta_dm_free_sdp_db(NULL);
1783 bta_dm_find_services(bta_dm_search_cb.peer_bdaddr);
1788 /* start next bd_addr if necessary */
1790 BTM_SecDeleteRmtNameNotifyCallback(&bta_dm_service_search_remname_cback);
1793 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1795 p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT;
1796 p_msg->disc_result.result.disc_res.result = BTA_SUCCESS;
1797 p_msg->disc_result.result.disc_res.p_raw_data = NULL;
1798 p_msg->disc_result.result.disc_res.raw_data_size = 0;
1799 p_msg->disc_result.result.disc_res.num_uuids = num_uuids;
1800 p_msg->disc_result.result.disc_res.p_uuid_list = NULL;
1801 if (num_uuids > 0) {
1802 p_msg->disc_result.result.disc_res.p_uuid_list = (UINT8*)GKI_getbuf(num_uuids*MAX_UUID_SIZE);
1803 if (p_msg->disc_result.result.disc_res.p_uuid_list) {
1804 memcpy(p_msg->disc_result.result.disc_res.p_uuid_list, uuid_list,
1805 num_uuids*MAX_UUID_SIZE);
1807 p_msg->disc_result.result.disc_res.num_uuids = 0;
1808 APPL_TRACE_ERROR1("%s: Unable to allocate memory for uuid_list", __FUNCTION__);
1811 //copy the raw_data to the discovery result structure
1813 APPL_TRACE_DEBUG2("bta_dm_sdp_result (raw_data used = 0x%x raw_data_ptr = 0x%x)\r\n",bta_dm_search_cb.p_sdp_db->raw_used, bta_dm_search_cb.p_sdp_db->raw_data);
1815 if ( bta_dm_search_cb.p_sdp_db != NULL && bta_dm_search_cb.p_sdp_db->raw_used != 0 &&
1816 bta_dm_search_cb.p_sdp_db->raw_data != NULL) {
1818 p_msg->disc_result.result.disc_res.p_raw_data = GKI_getbuf(bta_dm_search_cb.p_sdp_db->raw_used);
1819 if ( NULL != p_msg->disc_result.result.disc_res.p_raw_data ) {
1820 memcpy( p_msg->disc_result.result.disc_res.p_raw_data,
1821 bta_dm_search_cb.p_sdp_db->raw_data,
1822 bta_dm_search_cb.p_sdp_db->raw_used );
1824 p_msg->disc_result.result.disc_res.raw_data_size =
1825 bta_dm_search_cb.p_sdp_db->raw_used;
1828 APPL_TRACE_DEBUG1("bta_dm_sdp_result GKI Alloc failed to allocate %d bytes !!\r\n",bta_dm_search_cb.p_sdp_db->raw_used);
1831 bta_dm_search_cb.p_sdp_db->raw_data = NULL; //no need to free this - it is a global assigned.
1832 bta_dm_search_cb.p_sdp_db->raw_used = 0;
1833 bta_dm_search_cb.p_sdp_db->raw_size = 0;
1836 APPL_TRACE_DEBUG0("bta_dm_sdp_result raw data size is 0 or raw_data is null!!\r\n");
1838 /* Done with p_sdp_db. Free it */
1839 bta_dm_free_sdp_db(NULL);
1840 p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found;
1842 //Piggy back the SCN over result field
1845 p_msg->disc_result.result.disc_res.result = (3 + bta_dm_search_cb.peer_scn);
1846 p_msg->disc_result.result.disc_res.services |= BTA_USER_SERVICE_MASK;
1848 APPL_TRACE_EVENT1(" Piggy back the SCN over result field SCN=%d", bta_dm_search_cb.peer_scn);
1851 bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
1852 BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME),
1853 bta_dm_get_remname(), (BD_NAME_LEN-1));
1855 /* make sure the string is null terminated */
1856 p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0;
1858 bta_sys_sendmsg(p_msg);
1866 /* conn failed. No need for timer */
1867 if(p_data->sdp_event.sdp_result == SDP_CONN_FAILED || p_data->sdp_event.sdp_result == SDP_CONN_REJECTED
1868 || p_data->sdp_event.sdp_result == SDP_SECURITY_ERR)
1869 bta_dm_search_cb.wait_disc = FALSE;
1871 /* not able to connect go to next device */
1872 GKI_freebuf(bta_dm_search_cb.p_sdp_db);
1873 bta_dm_search_cb.p_sdp_db = NULL;
1875 BTM_SecDeleteRmtNameNotifyCallback(&bta_dm_service_search_remname_cback);
1877 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1879 p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT;
1880 p_msg->disc_result.result.disc_res.result = BTA_FAILURE;
1881 p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found;
1882 bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
1883 BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME),
1884 bta_dm_get_remname(), (BD_NAME_LEN-1));
1886 /* make sure the string is null terminated */
1887 p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0;
1889 bta_sys_sendmsg(p_msg);
1894 /*******************************************************************************
1896 ** Function bta_dm_search_cmpl
1898 ** Description Sends event to application
1902 *******************************************************************************/
1903 void bta_dm_search_cmpl (tBTA_DM_MSG *p_data)
1905 APPL_TRACE_DEBUG0("bta_dm_search_cmpl");
1907 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE)
1908 utl_freebuf((void **)&bta_dm_search_cb.p_srvc_uuid);
1911 if (p_data->hdr.layer_specific == BTA_DM_API_DI_DISCOVER_EVT)
1912 bta_dm_di_disc_cmpl(p_data);
1914 bta_dm_search_cb.p_search_cback(BTA_DM_DISC_CMPL_EVT, NULL);
1917 /*******************************************************************************
1919 ** Function bta_dm_disc_result
1921 ** Description Service discovery result when discovering services on a device
1925 *******************************************************************************/
1926 void bta_dm_disc_result (tBTA_DM_MSG *p_data)
1928 tBTA_DM_MSG * p_msg;
1930 APPL_TRACE_DEBUG0("bta_dm_disc_result");
1932 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
1933 /* if any BR/EDR service discovery has been done, report the event */
1934 if ((bta_dm_search_cb.services & ((BTA_ALL_SERVICE_MASK | BTA_USER_SERVICE_MASK ) & ~BTA_BLE_SERVICE_MASK)))
1936 bta_dm_search_cb.p_search_cback(BTA_DM_DISC_RES_EVT, &p_data->disc_result.result);
1938 /* send a message to change state */
1939 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1941 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
1942 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT;
1943 bta_sys_sendmsg(p_msg);
1947 /*******************************************************************************
1949 ** Function bta_dm_search_result
1951 ** Description Service discovery result while searching for devices
1955 *******************************************************************************/
1956 void bta_dm_search_result (tBTA_DM_MSG *p_data)
1958 APPL_TRACE_DEBUG2("bta_dm_search_result searching:0x%04x, result:0x%04x",
1959 bta_dm_search_cb.services,
1960 p_data->disc_result.result.disc_res.services);
1962 /* call back if application wants name discovery or found services that application is searching */
1963 if (( !bta_dm_search_cb.services )
1964 ||(( bta_dm_search_cb.services ) && ( p_data->disc_result.result.disc_res.services )))
1966 bta_dm_search_cb.p_search_cback(BTA_DM_DISC_RES_EVT, &p_data->disc_result.result);
1969 /* if searching did not initiate to create link */
1970 if(!bta_dm_search_cb.wait_disc )
1972 #if ( BTM_EIR_CLIENT_INCLUDED == TRUE )
1973 /* if service searching is done with EIR, don't search next device */
1974 if( bta_dm_search_cb.p_btm_inq_info )
1976 bta_dm_discover_next_device();
1980 /* wait until link is disconnected or timeout */
1981 bta_dm_search_cb.sdp_results = TRUE;
1982 bta_dm_search_cb.search_timer.p_cback = (TIMER_CBACK*)&bta_dm_search_timer_cback;
1983 bta_sys_start_timer(&bta_dm_search_cb.search_timer, 0, 1000*(L2CAP_LINK_INACTIVITY_TOUT+1) );
1988 /*******************************************************************************
1990 ** Function bta_dm_search_timer_cback
1992 ** Description Called when ACL disconnect time is over
1997 *******************************************************************************/
1998 static void bta_dm_search_timer_cback (TIMER_LIST_ENT *p_tle)
2001 APPL_TRACE_EVENT0(" bta_dm_search_timer_cback ");
2002 bta_dm_search_cb.wait_disc = FALSE;
2004 /* proceed with next device */
2005 bta_dm_discover_next_device();
2010 /*******************************************************************************
2012 ** Function bta_dm_free_sdp_db
2014 ** Description Frees SDP data base
2018 *******************************************************************************/
2019 void bta_dm_free_sdp_db (tBTA_DM_MSG *p_data)
2021 if(bta_dm_search_cb.p_sdp_db)
2023 GKI_freebuf(bta_dm_search_cb.p_sdp_db);
2024 bta_dm_search_cb.p_sdp_db = NULL;
2029 /*******************************************************************************
2031 ** Function bta_dm_queue_search
2033 ** Description Queues search command while search is being cancelled
2037 *******************************************************************************/
2038 void bta_dm_queue_search (tBTA_DM_MSG *p_data)
2041 bta_dm_search_cb.p_search_queue = (tBTA_DM_MSG *)GKI_getbuf(sizeof(tBTA_DM_API_SEARCH));
2042 memcpy(bta_dm_search_cb.p_search_queue, p_data, sizeof(tBTA_DM_API_SEARCH));
2046 /*******************************************************************************
2048 ** Function bta_dm_queue_disc
2050 ** Description Queues discovery command while search is being cancelled
2054 *******************************************************************************/
2055 void bta_dm_queue_disc (tBTA_DM_MSG *p_data)
2058 bta_dm_search_cb.p_search_queue = (tBTA_DM_MSG *)GKI_getbuf(sizeof(tBTA_DM_API_DISCOVER));
2059 memcpy(bta_dm_search_cb.p_search_queue, p_data, sizeof(tBTA_DM_API_DISCOVER));
2063 /*******************************************************************************
2065 ** Function bta_dm_search_clear_queue
2067 ** Description Clears the queue if API search cancel is called
2071 *******************************************************************************/
2072 void bta_dm_search_clear_queue (tBTA_DM_MSG *p_data)
2075 if(bta_dm_search_cb.p_search_queue)
2077 GKI_freebuf(bta_dm_search_cb.p_search_queue);
2078 bta_dm_search_cb.p_search_queue = NULL;
2084 /*******************************************************************************
2086 ** Function bta_dm_search_cancel_cmpl
2088 ** Description Search cancel is complete
2092 *******************************************************************************/
2093 void bta_dm_search_cancel_cmpl (tBTA_DM_MSG *p_data)
2096 if(bta_dm_search_cb.p_search_queue)
2098 bta_sys_sendmsg(bta_dm_search_cb.p_search_queue);
2099 bta_dm_search_cb.p_search_queue = NULL;
2104 /*******************************************************************************
2106 ** Function bta_dm_search_cancel_transac_cmpl
2108 ** Description Current Service Discovery or remote name procedure is
2109 ** completed after search cancellation
2113 *******************************************************************************/
2114 void bta_dm_search_cancel_transac_cmpl(tBTA_DM_MSG *p_data)
2117 if(bta_dm_search_cb.p_sdp_db)
2119 GKI_freebuf(bta_dm_search_cb.p_sdp_db);
2120 bta_dm_search_cb.p_sdp_db = NULL;
2123 bta_dm_search_cancel_notify(NULL);
2127 /*******************************************************************************
2129 ** Function bta_dm_search_cancel_notify
2131 ** Description Notify application that search has been cancelled
2135 *******************************************************************************/
2136 void bta_dm_search_cancel_notify (tBTA_DM_MSG *p_data)
2138 if (bta_dm_search_cb.p_search_cback)
2140 bta_dm_search_cb.p_search_cback(BTA_DM_SEARCH_CANCEL_CMPL_EVT, NULL);
2142 if (!bta_dm_search_cb.name_discover_done)
2144 BTM_CancelRemoteDeviceName();
2146 #if (BLE_INCLUDED == TRUE) && (BTA_GATT_INCLUDED == TRUE)
2147 if (bta_dm_search_cb.gatt_disc_active)
2149 bta_dm_cancel_gatt_discovery(bta_dm_search_cb.peer_bdaddr);
2155 /*******************************************************************************
2157 ** Function bta_dm_find_services
2159 ** Description Starts discovery on a device
2163 *******************************************************************************/
2164 static void bta_dm_find_services ( BD_ADDR bd_addr)
2168 UINT16 attr_list[] = {ATTR_ID_SERVICE_CLASS_ID_LIST, ATTR_ID_EXT_BRCM_VERSION};
2169 UINT16 num_attrs = 1;
2172 memset (&uuid, 0, sizeof(tSDP_UUID));
2174 while(bta_dm_search_cb.service_index < BTA_MAX_SERVICE_ID)
2176 if( bta_dm_search_cb.services_to_search
2177 & (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(bta_dm_search_cb.service_index)))
2179 if((bta_dm_search_cb.p_sdp_db = (tSDP_DISCOVERY_DB *)GKI_getbuf(BTA_DM_SDP_DB_SIZE)) != NULL)
2181 APPL_TRACE_DEBUG1("bta_dm_search_cb.services = %04x***********", bta_dm_search_cb.services);
2182 /* try to search all services by search based on L2CAP UUID */
2183 if(bta_dm_search_cb.services == BTA_ALL_SERVICE_MASK )
2185 APPL_TRACE_ERROR1("services_to_search = %08x",bta_dm_search_cb.services_to_search);
2186 if (bta_dm_search_cb.services_to_search & BTA_RES_SERVICE_MASK)
2188 uuid.uu.uuid16 = bta_service_id_to_uuid_lkup_tbl[0];
2189 bta_dm_search_cb.services_to_search &= ~BTA_RES_SERVICE_MASK;
2193 uuid.uu.uuid16 = UUID_PROTOCOL_L2CAP;
2194 bta_dm_search_cb.services_to_search = 0;
2199 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
2200 /* for LE only profile */
2201 if (bta_dm_search_cb.service_index == BTA_BLE_SERVICE_ID)
2203 if (bta_dm_search_cb.uuid_to_search > 0 && bta_dm_search_cb.p_srvc_uuid)
2206 (const void *)(bta_dm_search_cb.p_srvc_uuid + \
2207 bta_dm_search_cb.num_uuid - bta_dm_search_cb.uuid_to_search),
2210 bta_dm_search_cb.uuid_to_search -- ;
2213 uuid.uu.uuid16 = bta_service_id_to_uuid_lkup_tbl[bta_dm_search_cb.service_index];
2215 /* last one? clear the BLE service bit if all discovery has been done */
2216 if (bta_dm_search_cb.uuid_to_search == 0)
2217 bta_dm_search_cb.services_to_search &=
2218 (tBTA_SERVICE_MASK)(~(BTA_SERVICE_ID_TO_SERVICE_MASK(bta_dm_search_cb.service_index)));
2224 /* remove the service from services to be searched */
2225 bta_dm_search_cb.services_to_search &=
2226 (tBTA_SERVICE_MASK)(~(BTA_SERVICE_ID_TO_SERVICE_MASK(bta_dm_search_cb.service_index)));
2227 uuid.uu.uuid16 = bta_service_id_to_uuid_lkup_tbl[bta_dm_search_cb.service_index];
2232 uuid.len = LEN_UUID_16;
2235 if (uuid.uu.uuid16 == UUID_SERVCLASS_PNP_INFORMATION)
2241 if (bta_dm_search_cb.service_index == BTA_USER_SERVICE_ID)
2243 memcpy(&uuid, &bta_dm_search_cb.uuid, sizeof(tSDP_UUID));
2247 APPL_TRACE_ERROR1("****************search UUID = %04x***********", uuid.uu.uuid16);
2248 //SDP_InitDiscoveryDb (bta_dm_search_cb.p_sdp_db, BTA_DM_SDP_DB_SIZE, 1, &uuid, num_attrs, attr_list);
2249 SDP_InitDiscoveryDb (bta_dm_search_cb.p_sdp_db, BTA_DM_SDP_DB_SIZE, 1, &uuid, 0, NULL);
2252 memset(g_disc_raw_data_buf, 0, sizeof(g_disc_raw_data_buf));
2253 bta_dm_search_cb.p_sdp_db->raw_data = g_disc_raw_data_buf;
2255 bta_dm_search_cb.p_sdp_db->raw_size = MAX_DISC_RAW_DATA_BUF;
2257 if (!SDP_ServiceSearchAttributeRequest (bd_addr, bta_dm_search_cb.p_sdp_db, &bta_dm_sdp_callback))
2259 /* if discovery not successful with this device
2260 proceed to next one */
2261 GKI_freebuf(bta_dm_search_cb.p_sdp_db);
2262 bta_dm_search_cb.p_sdp_db = NULL;
2263 bta_dm_search_cb.service_index = BTA_MAX_SERVICE_ID;
2268 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
2269 if ((bta_dm_search_cb.service_index == BTA_BLE_SERVICE_ID &&
2270 bta_dm_search_cb.uuid_to_search == 0) ||
2271 bta_dm_search_cb.service_index != BTA_BLE_SERVICE_ID)
2273 bta_dm_search_cb.service_index++;
2279 APPL_TRACE_ERROR0("#### Failed to allocate SDP DB buffer! ####");
2283 bta_dm_search_cb.service_index++;
2286 /* no more services to be discovered */
2287 if(bta_dm_search_cb.service_index >= BTA_MAX_SERVICE_ID)
2289 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
2291 p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT;
2292 p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found;
2293 bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
2294 BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME),
2295 bta_dm_get_remname(), (BD_NAME_LEN-1));
2297 /* make sure the string is terminated */
2298 p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0;
2300 bta_sys_sendmsg(p_msg);
2305 /*******************************************************************************
2307 ** Function bta_dm_discover_next_device
2309 ** Description Starts discovery on the next device in Inquiry data base
2313 *******************************************************************************/
2314 static void bta_dm_discover_next_device(void)
2317 tBTA_DM_MSG * p_msg;
2319 APPL_TRACE_DEBUG0("bta_dm_discover_next_device");
2321 /* searching next device on inquiry result */
2322 if((bta_dm_search_cb.p_btm_inq_info = BTM_InqDbNext(bta_dm_search_cb.p_btm_inq_info)) != NULL)
2324 bta_dm_search_cb.name_discover_done = FALSE;
2325 bta_dm_search_cb.peer_name[0] = 0;
2326 bta_dm_discover_device(bta_dm_search_cb.p_btm_inq_info->results.remote_bd_addr);
2330 /* no devices, search complete */
2331 bta_dm_search_cb.services = 0;
2333 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
2335 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
2336 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT;
2337 bta_sys_sendmsg(p_msg);
2342 /*******************************************************************************
2344 ** Function bta_dm_discover_device
2346 ** Description Starts name and service discovery on the device
2350 *******************************************************************************/
2351 static void bta_dm_discover_device(BD_ADDR remote_bd_addr)
2353 tBTA_DM_MSG * p_msg;
2355 APPL_TRACE_DEBUG6("bta_dm_discover_device, BDA:0x%02X%02X%02X%02X%02X%02X",
2356 remote_bd_addr[0],remote_bd_addr[1],
2357 remote_bd_addr[2],remote_bd_addr[3],
2358 remote_bd_addr[4],remote_bd_addr[5]);
2360 bdcpy(bta_dm_search_cb.peer_bdaddr, remote_bd_addr);
2362 APPL_TRACE_DEBUG2("bta_dm_discover_device name_discover_done = %d p_btm_inq_info 0x%x ",
2363 bta_dm_search_cb.name_discover_done,
2364 bta_dm_search_cb.p_btm_inq_info
2366 if ( bta_dm_search_cb.p_btm_inq_info ) {
2368 APPL_TRACE_DEBUG1("bta_dm_discover_device appl_knows_rem_name %d",
2369 bta_dm_search_cb.p_btm_inq_info->appl_knows_rem_name
2373 /* if name discovery is not done and application needs remote name */
2374 if ((!bta_dm_search_cb.name_discover_done)
2375 && (( bta_dm_search_cb.p_btm_inq_info == NULL )
2376 ||(bta_dm_search_cb.p_btm_inq_info && (!bta_dm_search_cb.p_btm_inq_info->appl_knows_rem_name))))
2378 if( bta_dm_read_remote_device_name(bta_dm_search_cb.peer_bdaddr) == TRUE )
2384 /* starting name discovery failed */
2385 bta_dm_search_cb.name_discover_done = TRUE;
2389 /* if application wants to discover service */
2390 if ( bta_dm_search_cb.services )
2392 /* initialize variables */
2393 bta_dm_search_cb.service_index = 0;
2394 bta_dm_search_cb.services_found = 0;
2395 bta_dm_search_cb.services_to_search = bta_dm_search_cb.services;
2396 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
2397 bta_dm_search_cb.uuid_to_search = bta_dm_search_cb.num_uuid;
2399 #if ( BTM_EIR_CLIENT_INCLUDED == TRUE )
2400 if ((bta_dm_search_cb.p_btm_inq_info != NULL) &&
2401 bta_dm_search_cb.services != BTA_USER_SERVICE_MASK
2402 &&(bta_dm_search_cb.sdp_search == FALSE))
2404 /* check if EIR provides the information of supported services */
2405 bta_dm_eir_search_services( &bta_dm_search_cb.p_btm_inq_info->results,
2406 &bta_dm_search_cb.services_to_search,
2407 &bta_dm_search_cb.services_found );
2410 /* if seaching with EIR is not completed */
2411 if(bta_dm_search_cb.services_to_search)
2414 /* check whether connection already exists to the device
2415 if connection exists, we don't have to wait for ACL
2416 link to go down to start search on next device */
2417 if(BTM_IsAclConnectionUp(bta_dm_search_cb.peer_bdaddr))
2418 bta_dm_search_cb.wait_disc = FALSE;
2420 bta_dm_search_cb.wait_disc = TRUE;
2422 #if (BLE_INCLUDED == TRUE && (defined BTA_GATT_INCLUDED) && (BTA_GATT_INCLUDED == TRUE))
2423 if ( bta_dm_search_cb.p_btm_inq_info )
2425 APPL_TRACE_DEBUG3("bta_dm_discover_device p_btm_inq_info 0x%x results.device_type 0x%x services_to_search 0x%x",
2426 bta_dm_search_cb.p_btm_inq_info,
2427 bta_dm_search_cb.p_btm_inq_info->results.device_type,
2428 bta_dm_search_cb.services_to_search
2431 if (BTM_UseLeLink(bta_dm_search_cb.peer_bdaddr))
2433 if ( bta_dm_search_cb.p_btm_inq_info != NULL &&
2434 bta_dm_search_cb.p_btm_inq_info->results.device_type == BT_DEVICE_TYPE_BLE &&
2435 (bta_dm_search_cb.services_to_search & BTA_BLE_SERVICE_MASK))*/
2437 if (bta_dm_search_cb.services_to_search & BTA_BLE_SERVICE_MASK)
2439 //set the raw data buffer here
2440 memset(g_disc_raw_data_buf, 0, sizeof(g_disc_raw_data_buf));
2441 bta_dm_search_cb.p_ble_rawdata = g_disc_raw_data_buf;
2443 bta_dm_search_cb.ble_raw_size = MAX_DISC_RAW_DATA_BUF;
2444 bta_dm_search_cb.ble_raw_used = 0;
2446 /* start GATT for service discovery */
2447 btm_dm_start_gatt_discovery(bta_dm_search_cb.peer_bdaddr);
2454 bta_dm_search_cb.sdp_results = FALSE;
2455 bta_dm_find_services(bta_dm_search_cb.peer_bdaddr);
2462 /* name discovery and service discovery are done for this device */
2463 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
2465 p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT;
2466 /* initialize the data structure - includes p_raw_data and raw_data_size */
2467 memset(&(p_msg->disc_result.result), 0, sizeof(tBTA_DM_DISC_RES));
2468 p_msg->disc_result.result.disc_res.result = BTA_SUCCESS;
2469 p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found;
2470 bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
2471 BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME),
2472 (char*)bta_dm_search_cb.peer_name, (BD_NAME_LEN-1));
2474 /* make sure the string is terminated */
2475 p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0;
2477 bta_sys_sendmsg(p_msg);
2481 /*******************************************************************************
2483 ** Function bta_dm_sdp_callback
2485 ** Description Callback from sdp with discovery status
2489 *******************************************************************************/
2490 static void bta_dm_sdp_callback (UINT16 sdp_status)
2493 tBTA_DM_SDP_RESULT * p_msg;
2495 if ((p_msg = (tBTA_DM_SDP_RESULT *) GKI_getbuf(sizeof(tBTA_DM_SDP_RESULT))) != NULL)
2497 p_msg->hdr.event = BTA_DM_SDP_RESULT_EVT;
2498 p_msg->sdp_result = sdp_status;
2499 bta_sys_sendmsg(p_msg);
2504 /*******************************************************************************
2506 ** Function bta_dm_inq_results_cb
2508 ** Description Inquiry results callback from BTM
2512 *******************************************************************************/
2513 static void bta_dm_inq_results_cb (tBTM_INQ_RESULTS *p_inq, UINT8 *p_eir)
2516 tBTA_DM_SEARCH result;
2517 tBTM_INQ_INFO *p_inq_info;
2518 UINT16 service_class;
2520 bdcpy(result.inq_res.bd_addr, p_inq->remote_bd_addr);
2521 memcpy(result.inq_res.dev_class, p_inq->dev_class, DEV_CLASS_LEN);
2522 BTM_COD_SERVICE_CLASS(service_class, p_inq->dev_class);
2523 result.inq_res.is_limited = (service_class & BTM_COD_SERVICE_LMTD_DISCOVER)?TRUE:FALSE;
2524 result.inq_res.rssi = p_inq->rssi;
2526 #if (BLE_INCLUDED == TRUE)
2527 result.inq_res.ble_addr_type = p_inq->ble_addr_type;
2528 result.inq_res.inq_result_type = p_inq->inq_result_type;
2529 result.inq_res.device_type = p_inq->device_type;
2533 /* application will parse EIR to find out remote device name */
2534 result.inq_res.p_eir = p_eir;
2536 if((p_inq_info = BTM_InqDbRead(p_inq->remote_bd_addr)) != NULL)
2538 /* initialize remt_name_not_required to FALSE so that we get the name by default */
2539 result.inq_res.remt_name_not_required = FALSE;
2543 if(bta_dm_search_cb.p_search_cback)
2544 bta_dm_search_cb.p_search_cback(BTA_DM_INQ_RES_EVT, &result);
2548 /* application indicates if it knows the remote name, inside the callback
2549 copy that to the inquiry data base*/
2550 if(result.inq_res.remt_name_not_required)
2551 p_inq_info->appl_knows_rem_name = TRUE;
2559 /*******************************************************************************
2561 ** Function bta_dm_inq_cmpl_cb
2563 ** Description Inquiry complete callback from BTM
2567 *******************************************************************************/
2568 static void bta_dm_inq_cmpl_cb (void * p_result)
2571 tBTA_DM_MSG * p_msg;
2573 APPL_TRACE_DEBUG0("bta_dm_inq_cmpl_cb");
2574 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
2576 p_msg->inq_cmpl.hdr.event = BTA_DM_INQUIRY_CMPL_EVT;
2577 p_msg->inq_cmpl.num = ((tBTM_INQUIRY_CMPL *)p_result)->num_resp;
2578 bta_sys_sendmsg(p_msg);
2585 /*******************************************************************************
2587 ** Function bta_dm_service_search_remname_cback
2589 ** Description Remote name call back from BTM during service discovery
2593 *******************************************************************************/
2594 static void bta_dm_service_search_remname_cback (BD_ADDR bd_addr, DEV_CLASS dc, BD_NAME bd_name)
2596 tBTM_REMOTE_DEV_NAME rem_name;
2597 tBTM_STATUS btm_status;
2599 APPL_TRACE_DEBUG1("bta_dm_service_search_remname_cback name=<%s>", bd_name);
2601 /* if this is what we are looking for */
2602 if (!bdcmp( bta_dm_search_cb.peer_bdaddr, bd_addr))
2604 rem_name.length = strlen((char*)bd_name);
2605 if (rem_name.length > (BD_NAME_LEN-1))
2607 rem_name.length = (BD_NAME_LEN-1);
2608 rem_name.remote_bd_name[(BD_NAME_LEN-1)] = 0;
2610 BCM_STRNCPY_S((char*)rem_name.remote_bd_name, sizeof(BD_NAME), (char*)bd_name, (BD_NAME_LEN-1));
2611 rem_name.status = BTM_SUCCESS;
2613 bta_dm_remname_cback(&rem_name);
2617 /* get name of device */
2618 btm_status = BTM_ReadRemoteDeviceName (bta_dm_search_cb.peer_bdaddr,
2619 (tBTM_CMPL_CB *) bta_dm_remname_cback);
2620 if ( btm_status == BTM_BUSY )
2622 /* wait for next chance(notification of remote name discovery done) */
2623 APPL_TRACE_DEBUG0("bta_dm_service_search_remname_cback: BTM_ReadRemoteDeviceName is busy");
2625 else if ( btm_status != BTM_CMD_STARTED )
2627 /* if failed to start getting remote name then continue */
2628 APPL_TRACE_WARNING1("bta_dm_service_search_remname_cback: BTM_ReadRemoteDeviceName returns 0x%02X", btm_status);
2630 rem_name.length = 0;
2631 rem_name.remote_bd_name[0] = 0;
2632 rem_name.status = btm_status;
2633 bta_dm_remname_cback(&rem_name);
2639 /*******************************************************************************
2641 ** Function bta_dm_remname_cback
2643 ** Description Remote name complete call back from BTM
2647 *******************************************************************************/
2648 static void bta_dm_remname_cback (tBTM_REMOTE_DEV_NAME *p_remote_name)
2650 tBTA_DM_REM_NAME * p_msg;
2652 APPL_TRACE_DEBUG2("bta_dm_remname_cback len = %d name=<%s>", p_remote_name->length,
2653 p_remote_name->remote_bd_name);
2655 /* remote name discovery is done but it could be failed */
2656 bta_dm_search_cb.name_discover_done = TRUE;
2657 BCM_STRNCPY_S((char*)bta_dm_search_cb.peer_name, sizeof(BD_NAME), (char*)p_remote_name->remote_bd_name, (BD_NAME_LEN));
2658 bta_dm_search_cb.peer_name[BD_NAME_LEN]=0;
2660 BTM_SecDeleteRmtNameNotifyCallback(&bta_dm_service_search_remname_cback);
2661 #if BLE_INCLUDED == TRUE
2662 if (BTM_UseLeLink(bta_dm_search_cb.peer_bdaddr))
2663 GAP_BleReadPeerPrefConnParams (bta_dm_search_cb.peer_bdaddr);
2665 if ((p_msg = (tBTA_DM_REM_NAME *) GKI_getbuf(sizeof(tBTA_DM_REM_NAME))) != NULL)
2667 bdcpy (p_msg->result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
2668 BCM_STRNCPY_S((char*)p_msg->result.disc_res.bd_name, sizeof(BD_NAME), (char*)p_remote_name->remote_bd_name, (BD_NAME_LEN));
2670 /* make sure the string is null terminated */
2671 p_msg->result.disc_res.bd_name[BD_NAME_LEN] = 0;
2673 p_msg->hdr.event = BTA_DM_REMT_NAME_EVT;
2674 bta_sys_sendmsg(p_msg);
2679 /*******************************************************************************
2681 ** Function bta_dm_authorize_cback
2683 ** Description cback requesting authorization
2687 *******************************************************************************/
2688 static UINT8 bta_dm_authorize_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name,
2689 UINT8 *service_name, UINT8 service_id, BOOLEAN is_originator)
2691 tBTA_DM_SEC sec_event;
2694 bdcpy(sec_event.authorize.bd_addr, bd_addr);
2695 memcpy(sec_event.authorize.dev_class, dev_class, DEV_CLASS_LEN);
2697 BCM_STRNCPY_S((char*)sec_event.authorize.bd_name, sizeof(BD_NAME), (char*)bd_name, (BD_NAME_LEN-1));
2699 /* make sure the string is null terminated */
2700 sec_event.authorize.bd_name[BD_NAME_LEN-1] = 0;
2702 #if ( defined(BTA_JV_INCLUDED) && BTA_JV_INCLUDED == TRUE )
2703 sec_event.authorize.service = service_id;
2706 while(index < BTA_MAX_SERVICE_ID)
2708 /* get the BTA service id corresponding to BTM id */
2709 if(bta_service_id_to_btm_srv_id_lkup_tbl[index] == service_id)
2711 sec_event.authorize.service = index;
2718 /* if supported service callback otherwise not authorized */
2719 if(bta_dm_cb.p_sec_cback && (index < BTA_MAX_SERVICE_ID
2720 #if ( defined(BTA_JV_INCLUDED) && BTA_JV_INCLUDED == TRUE )
2721 /* pass through JV service ID */
2722 || (service_id >= BTA_FIRST_JV_SERVICE_ID && service_id <= BTA_LAST_JV_SERVICE_ID)
2726 bta_dm_cb.p_sec_cback(BTA_DM_AUTHORIZE_EVT, &sec_event);
2727 return BTM_CMD_STARTED;
2731 return BTM_NOT_AUTHORIZED;
2739 /*******************************************************************************
2741 ** Function bta_dm_pinname_cback
2743 ** Description Callback requesting pin_key
2747 *******************************************************************************/
2748 static void bta_dm_pinname_cback (void *p_data)
2750 tBTM_REMOTE_DEV_NAME *p_result = (tBTM_REMOTE_DEV_NAME *)p_data;
2751 tBTA_DM_SEC sec_event;
2752 UINT32 bytes_to_copy;
2753 tBTA_DM_SEC_EVT event = bta_dm_cb.pin_evt;
2755 if (BTA_DM_SP_CFM_REQ_EVT == event)
2757 /* Retrieved saved device class and bd_addr */
2758 bdcpy(sec_event.cfm_req.bd_addr, bta_dm_cb.pin_bd_addr);
2759 BTA_COPY_DEVICE_CLASS(sec_event.cfm_req.dev_class, bta_dm_cb.pin_dev_class);
2761 if (p_result && p_result->status == BTM_SUCCESS)
2763 bytes_to_copy = (p_result->length < (BD_NAME_LEN-1))
2764 ? p_result->length : (BD_NAME_LEN-1);
2765 memcpy(sec_event.cfm_req.bd_name, p_result->remote_bd_name, bytes_to_copy);
2766 sec_event.pin_req.bd_name[BD_NAME_LEN-1] = 0;
2768 else /* No name found */
2769 sec_event.cfm_req.bd_name[0] = 0;
2771 sec_event.key_notif.passkey = bta_dm_cb.num_val; /* get PIN code numeric number */
2773 /* 1 additional event data fields for this event */
2774 sec_event.cfm_req.just_works = bta_dm_cb.just_works;
2778 /* Retrieved saved device class and bd_addr */
2779 bdcpy(sec_event.pin_req.bd_addr, bta_dm_cb.pin_bd_addr);
2780 BTA_COPY_DEVICE_CLASS(sec_event.pin_req.dev_class, bta_dm_cb.pin_dev_class);
2782 if (p_result && p_result->status == BTM_SUCCESS)
2784 bytes_to_copy = (p_result->length < (BD_NAME_LEN-1))
2785 ? p_result->length : (BD_NAME_LEN-1);
2786 memcpy(sec_event.pin_req.bd_name, p_result->remote_bd_name, bytes_to_copy);
2787 sec_event.pin_req.bd_name[BD_NAME_LEN-1] = 0;
2789 else /* No name found */
2790 sec_event.pin_req.bd_name[0] = 0;
2792 event = bta_dm_cb.pin_evt;
2793 sec_event.key_notif.passkey = bta_dm_cb.num_val; /* get PIN code numeric number */
2796 if( bta_dm_cb.p_sec_cback )
2797 bta_dm_cb.p_sec_cback(event, &sec_event);
2802 /*******************************************************************************
2804 ** Function bta_dm_pin_cback
2806 ** Description Callback requesting pin_key
2810 *******************************************************************************/
2811 static UINT8 bta_dm_pin_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name)
2813 tBTA_DM_SEC sec_event;
2815 if (!bta_dm_cb.p_sec_cback)
2816 return BTM_NOT_AUTHORIZED;
2818 /* If the device name is not known, save bdaddr and devclass and initiate a name request */
2819 if (bd_name[0] == 0)
2821 bta_dm_cb.pin_evt = BTA_DM_PIN_REQ_EVT;
2822 bdcpy(bta_dm_cb.pin_bd_addr, bd_addr);
2823 BTA_COPY_DEVICE_CLASS(bta_dm_cb.pin_dev_class, dev_class);
2824 if ((BTM_ReadRemoteDeviceName(bd_addr, bta_dm_pinname_cback)) == BTM_CMD_STARTED)
2825 return BTM_CMD_STARTED;
2827 APPL_TRACE_WARNING0(" bta_dm_pin_cback() -> Failed to start Remote Name Request ");
2830 bdcpy(sec_event.pin_req.bd_addr, bd_addr);
2831 BTA_COPY_DEVICE_CLASS(sec_event.pin_req.dev_class, dev_class);
2832 BCM_STRNCPY_S((char*)sec_event.pin_req.bd_name, sizeof(BD_NAME), (char*)bd_name, (BD_NAME_LEN-1));
2833 sec_event.pin_req.bd_name[BD_NAME_LEN-1] = 0;
2835 bta_dm_cb.p_sec_cback(BTA_DM_PIN_REQ_EVT, &sec_event);
2836 return BTM_CMD_STARTED;
2841 /*******************************************************************************
2843 ** Function bta_dm_link_key_request_cback
2845 ** Description Callback requesting linkkey
2849 *******************************************************************************/
2850 static UINT8 bta_dm_link_key_request_cback (BD_ADDR bd_addr, LINK_KEY key)
2852 /* Application passes all link key to
2853 BTM during initialization using add_device
2854 API. If BTM doesn't have the link key in it's
2855 data base, that's because application doesn't
2858 return BTM_NOT_AUTHORIZED;
2865 /*******************************************************************************
2867 ** Function bta_dm_new_link_key_cback
2869 ** Description Callback from BTM to notify new link key
2873 *******************************************************************************/
2874 static UINT8 bta_dm_new_link_key_cback(BD_ADDR bd_addr, DEV_CLASS dev_class,
2875 BD_NAME bd_name, LINK_KEY key, UINT8 key_type)
2877 tBTA_DM_SEC sec_event;
2878 tBTA_DM_AUTH_CMPL *p_auth_cmpl;
2881 memset (&sec_event, 0, sizeof(tBTA_DM_SEC));
2883 /* Not AMP Key type */
2884 if (key_type != HCI_LKEY_TYPE_AMP_WIFI && key_type != HCI_LKEY_TYPE_AMP_UWB)
2886 event = BTA_DM_AUTH_CMPL_EVT;
2887 p_auth_cmpl = &sec_event.auth_cmpl;
2889 bdcpy(p_auth_cmpl->bd_addr, bd_addr);
2891 memcpy(p_auth_cmpl->bd_name, bd_name, (BD_NAME_LEN-1));
2892 p_auth_cmpl->bd_name[BD_NAME_LEN-1] = 0;
2894 p_auth_cmpl->key_present = TRUE;
2895 p_auth_cmpl->key_type = key_type;
2896 p_auth_cmpl->success = TRUE;
2898 memcpy(p_auth_cmpl->key, key, LINK_KEY_LEN);
2899 sec_event.auth_cmpl.fail_reason = HCI_SUCCESS;
2901 if(bta_dm_cb.p_sec_cback)
2903 bta_dm_cb.p_sec_cback(event, &sec_event);
2908 APPL_TRACE_WARNING0(" bta_dm_new_link_key_cback() Received AMP Key?? ");
2911 return BTM_CMD_STARTED;
2915 /*******************************************************************************
2917 ** Function bta_dm_authentication_complete_cback
2919 ** Description Authentication complete callback from BTM
2923 *******************************************************************************/
2924 static UINT8 bta_dm_authentication_complete_cback(BD_ADDR bd_addr, DEV_CLASS dev_class,BD_NAME bd_name, int result)
2927 tBTA_DM_SEC sec_event;
2929 if(result != BTM_SUCCESS)
2931 memset(&sec_event, 0, sizeof(tBTA_DM_SEC));
2932 bdcpy(sec_event.auth_cmpl.bd_addr, bd_addr);
2934 memcpy(sec_event.auth_cmpl.bd_name, bd_name, (BD_NAME_LEN-1));
2935 sec_event.auth_cmpl.bd_name[BD_NAME_LEN-1] = 0;
2937 /* taken care of by memset [above]
2938 sec_event.auth_cmpl.key_present = FALSE;
2939 sec_event.auth_cmpl.success = FALSE;
2941 sec_event.auth_cmpl.fail_reason = (UINT8)result;
2942 if(bta_dm_cb.p_sec_cback)
2944 bta_dm_cb.p_sec_cback(BTA_DM_AUTH_CMPL_EVT, &sec_event);
2946 /* delete this device entry from Sec Dev DB */
2947 bta_dm_remove_sec_dev_entry(bd_addr);
2954 /*******************************************************************************
2956 ** Function bta_dm_sp_cback
2958 ** Description simple pairing callback from BTM
2962 *******************************************************************************/
2963 static UINT8 bta_dm_sp_cback (tBTM_SP_EVT event, tBTM_SP_EVT_DATA *p_data)
2965 tBTM_STATUS status = BTM_CMD_STARTED;
2966 tBTA_DM_SEC sec_event;
2967 tBTA_DM_SEC_EVT pin_evt = BTA_DM_SP_KEY_NOTIF_EVT;
2969 APPL_TRACE_EVENT1("bta_dm_sp_cback: %d", event);
2970 if (!bta_dm_cb.p_sec_cback)
2971 return BTM_NOT_AUTHORIZED;
2976 case BTM_SP_IO_REQ_EVT:
2977 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE)
2978 /* translate auth_req */
2979 bta_dm_co_io_req(p_data->io_req.bd_addr, &p_data->io_req.io_cap,
2980 &p_data->io_req.oob_data, &p_data->io_req.auth_req, p_data->io_req.is_orig);
2982 #if BTM_OOB_INCLUDED == FALSE
2983 status = BTM_SUCCESS;
2986 APPL_TRACE_EVENT2("io mitm: %d oob_data:%d", p_data->io_req.auth_req, p_data->io_req.oob_data);
2988 case BTM_SP_IO_RSP_EVT:
2989 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE)
2990 bta_dm_co_io_rsp(p_data->io_rsp.bd_addr, p_data->io_rsp.io_cap,
2991 p_data->io_rsp.oob_data, p_data->io_rsp.auth_req );
2995 case BTM_SP_CFM_REQ_EVT:
2996 pin_evt = BTA_DM_SP_CFM_REQ_EVT;
2997 bta_dm_cb.just_works = sec_event.cfm_req.just_works = p_data->cfm_req.just_works;
2998 sec_event.cfm_req.loc_auth_req = p_data->cfm_req.loc_auth_req;
2999 sec_event.cfm_req.rmt_auth_req = p_data->cfm_req.rmt_auth_req;
3000 sec_event.cfm_req.loc_io_caps = p_data->cfm_req.loc_io_caps;
3001 sec_event.cfm_req.rmt_io_caps = p_data->cfm_req.rmt_io_caps;
3002 /* continue to next case */
3003 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE)
3004 /* Passkey entry mode, mobile device with output capability is very
3005 unlikely to receive key request, so skip this event */
3006 /*case BTM_SP_KEY_REQ_EVT: */
3007 case BTM_SP_KEY_NOTIF_EVT:
3009 bta_dm_cb.num_val = sec_event.key_notif.passkey = p_data->key_notif.passkey;
3010 /* If the device name is not known, save bdaddr and devclass and initiate a name request */
3011 if (p_data->key_notif.bd_name[0] == 0)
3013 bta_dm_cb.pin_evt = pin_evt;
3014 bdcpy(bta_dm_cb.pin_bd_addr, p_data->key_notif.bd_addr);
3015 BTA_COPY_DEVICE_CLASS(bta_dm_cb.pin_dev_class, p_data->key_notif.dev_class);
3016 if ((BTM_ReadRemoteDeviceName(p_data->key_notif.bd_addr, bta_dm_pinname_cback)) == BTM_CMD_STARTED)
3017 return BTM_CMD_STARTED;
3019 APPL_TRACE_WARNING0(" bta_dm_sp_cback() -> Failed to start Remote Name Request ");
3021 bdcpy(sec_event.key_notif.bd_addr, p_data->key_notif.bd_addr);
3022 BTA_COPY_DEVICE_CLASS(sec_event.key_notif.dev_class, p_data->key_notif.dev_class);
3023 BCM_STRNCPY_S((char*)sec_event.key_notif.bd_name, sizeof(BD_NAME), (char*)p_data->key_notif.bd_name, (BD_NAME_LEN-1));
3024 sec_event.key_notif.bd_name[BD_NAME_LEN-1] = 0;
3026 bta_dm_cb.p_sec_cback(pin_evt, &sec_event);
3030 #if BTM_OOB_INCLUDED == TRUE
3031 case BTM_SP_LOC_OOB_EVT:
3032 bta_dm_co_loc_oob((BOOLEAN)(p_data->loc_oob.status == BTM_SUCCESS),
3033 p_data->loc_oob.c, p_data->loc_oob.r);
3036 case BTM_SP_RMT_OOB_EVT:
3037 /* If the device name is not known, save bdaddr and devclass and initiate a name request */
3038 if (p_data->rmt_oob.bd_name[0] == 0)
3040 bta_dm_cb.pin_evt = BTA_DM_SP_RMT_OOB_EVT;
3041 bdcpy(bta_dm_cb.pin_bd_addr, p_data->rmt_oob.bd_addr);
3042 BTA_COPY_DEVICE_CLASS(bta_dm_cb.pin_dev_class, p_data->rmt_oob.dev_class);
3043 if ((BTM_ReadRemoteDeviceName(p_data->rmt_oob.bd_addr, bta_dm_pinname_cback)) == BTM_CMD_STARTED)
3044 return BTM_CMD_STARTED;
3046 APPL_TRACE_WARNING0(" bta_dm_sp_cback() -> Failed to start Remote Name Request ");
3048 bdcpy(sec_event.rmt_oob.bd_addr, p_data->rmt_oob.bd_addr);
3049 BTA_COPY_DEVICE_CLASS(sec_event.rmt_oob.dev_class, p_data->rmt_oob.dev_class);
3050 BCM_STRNCPY_S((char*)sec_event.rmt_oob.bd_name, sizeof(BD_NAME), (char*)p_data->rmt_oob.bd_name, (BD_NAME_LEN-1));
3051 sec_event.rmt_oob.bd_name[BD_NAME_LEN-1] = 0;
3053 bta_dm_cb.p_sec_cback(BTA_DM_SP_RMT_OOB_EVT, &sec_event);
3055 bta_dm_co_rmt_oob(p_data->rmt_oob.bd_addr);
3058 case BTM_SP_COMPLT_EVT:
3059 /* do not report this event - handled by link_key_callback or auth_complete_callback */
3062 case BTM_SP_KEYPRESS_EVT:
3063 memcpy(&sec_event.key_press, &p_data->key_press, sizeof(tBTM_SP_KEYPRESS));
3064 bta_dm_cb.p_sec_cback(BTA_DM_SP_KEYPRESS_EVT, &sec_event);
3067 case BTM_SP_UPGRADE_EVT:
3068 bta_dm_co_lk_upgrade(p_data->upgrade.bd_addr, &p_data->upgrade.upgrade );
3072 status = BTM_NOT_AUTHORIZED;
3075 APPL_TRACE_EVENT1("dm status: %d", status);
3079 /*******************************************************************************
3081 ** Function bta_dm_local_name_cback
3083 ** Description Callback from btm after local name is read
3088 *******************************************************************************/
3089 static void bta_dm_local_name_cback(UINT8 *p_name)
3091 tBTA_DM_SEC sec_event;
3093 BTM_GetLocalDeviceAddr(sec_event.enable.bd_addr);
3094 sec_event.enable.status = BTA_SUCCESS;
3096 if(bta_dm_cb.p_sec_cback)
3097 bta_dm_cb.p_sec_cback(BTA_DM_ENABLE_EVT, &sec_event);
3100 /*******************************************************************************
3102 ** Function bta_dm_signal_strength
3104 ** Description Callback from btm after local bdaddr is read
3109 *******************************************************************************/
3110 void bta_dm_signal_strength(tBTA_DM_MSG *p_data)
3113 if(p_data->sig_strength.start)
3115 bta_dm_cb.signal_strength_mask = p_data->sig_strength.mask;
3116 bta_dm_cb.signal_strength_period = p_data->sig_strength.period;
3117 bta_dm_signal_strength_timer_cback(NULL);
3121 bta_sys_stop_timer(&bta_dm_cb.signal_strength_timer);
3125 /*******************************************************************************
3127 ** Function bta_dm_signal_strength_timer_cback
3129 ** Description Periodic timer callback to read signal strength
3134 *******************************************************************************/
3135 static void bta_dm_signal_strength_timer_cback (TIMER_LIST_ENT *p_tle)
3140 if(bta_dm_cb.signal_strength_mask & BTA_SIG_STRENGTH_RSSI_MASK)
3142 for(i=0; i<bta_dm_cb.device_list.count; i++)
3144 BTM_ReadRSSI (bta_dm_cb.device_list.peer_device[i].peer_bdaddr, (tBTM_CMPL_CB *)bta_dm_rssi_cback);
3148 if(bta_dm_cb.signal_strength_mask & BTA_SIG_STRENGTH_LINK_QUALITY_MASK)
3151 for(i=0; i<bta_dm_cb.device_list.count; i++)
3153 BTM_ReadLinkQuality (bta_dm_cb.device_list.peer_device[i].peer_bdaddr, (tBTM_CMPL_CB *)bta_dm_link_quality_cback);
3158 if(bta_dm_cb.signal_strength_period)
3160 bta_dm_cb.signal_strength_timer.p_cback = (TIMER_CBACK*)&bta_dm_signal_strength_timer_cback;
3161 bta_sys_start_timer(&bta_dm_cb.signal_strength_timer, 0, (UINT32)1000*bta_dm_cb.signal_strength_period);
3166 #if (defined(BTM_BUSY_LEVEL_CHANGE_INCLUDED) && BTM_BUSY_LEVEL_CHANGE_INCLUDED == TRUE)
3167 /*******************************************************************************
3169 ** Function bta_dm_bl_change_cback
3171 ** Description Callback from btm when acl connection goes up or down
3176 *******************************************************************************/
3177 static void bta_dm_bl_change_cback (tBTM_BL_EVENT_DATA *p_data)
3179 tBTA_DM_ACL_CHANGE * p_msg;
3181 if ((p_msg = (tBTA_DM_ACL_CHANGE *) GKI_getbuf(sizeof(tBTA_DM_ACL_CHANGE))) != NULL)
3183 p_msg->event = p_data->event;
3184 p_msg->is_new = FALSE;
3186 switch(p_msg->event)
3188 case BTM_BL_CONN_EVT:
3189 p_msg->is_new = TRUE;
3190 bdcpy(p_msg->bd_addr, p_data->conn.p_bda);
3192 case BTM_BL_DISCN_EVT:
3193 bdcpy(p_msg->bd_addr, p_data->discn.p_bda);
3195 case BTM_BL_UPDATE_EVT:
3196 p_msg->busy_level = p_data->update.busy_level;
3197 p_msg->busy_level_flags = p_data->update.busy_level_flags;
3199 case BTM_BL_ROLE_CHG_EVT:
3200 p_msg->new_role = p_data->role_chg.new_role;
3201 p_msg->hci_status = p_data->role_chg.hci_status;
3202 bdcpy(p_msg->bd_addr, p_data->role_chg.p_bda);
3204 case BTM_BL_COLLISION_EVT:
3205 bdcpy(p_msg->bd_addr, p_data->conn.p_bda);
3209 p_msg->hdr.event = BTA_DM_ACL_CHANGE_EVT;
3210 bta_sys_sendmsg(p_msg);
3217 /*******************************************************************************
3219 ** Function bta_dm_acl_change_cback
3221 ** Description Callback from btm when acl connection goes up or down
3226 *******************************************************************************/
3227 static void bta_dm_acl_change_cback (BD_ADDR p_bda, DEV_CLASS p_dc, BD_NAME p_bdn,
3228 UINT8 *features, BOOLEAN is_new)
3231 tBTA_DM_ACL_CHANGE * p_msg;
3233 if ((p_msg = (tBTA_DM_ACL_CHANGE *) GKI_getbuf(sizeof(tBTA_DM_ACL_CHANGE))) != NULL)
3235 bdcpy (p_msg->bd_addr, p_bda);
3236 p_msg->is_new = is_new;
3238 /* This is collision case */
3239 if (features != NULL)
3241 if ((features[0] == 0xFF) && !is_new)
3242 p_msg->event = BTM_BL_COLLISION_EVT;
3245 p_msg->hdr.event = BTA_DM_ACL_CHANGE_EVT;
3246 bta_sys_sendmsg(p_msg);
3252 /*******************************************************************************
3254 ** Function bta_dm_rs_cback
3256 ** Description Receives the role switch complete event
3260 *******************************************************************************/
3261 static void bta_dm_rs_cback (tBTM_ROLE_SWITCH_CMPL *p1)
3263 APPL_TRACE_WARNING1("bta_dm_rs_cback:%d", bta_dm_cb.rs_event);
3264 if(bta_dm_cb.rs_event == BTA_DM_API_SEARCH_EVT)
3266 bta_dm_cb.search_msg.rs_res = BTA_DM_RS_OK; /* do not care about the result for now */
3267 bta_dm_cb.rs_event = 0;
3268 bta_dm_search_start((tBTA_DM_MSG *)&bta_dm_cb.search_msg);
3272 /*******************************************************************************
3274 ** Function bta_dm_check_av
3276 ** Description This function checks if AV is active
3277 ** if yes, make sure the AV link is master
3279 ** Returns BOOLEAN - TRUE, if switch is in progress
3281 *******************************************************************************/
3282 static BOOLEAN bta_dm_check_av(UINT16 event)
3284 BOOLEAN switching = FALSE;
3286 tBTA_DM_PEER_DEVICE *p_dev;
3288 APPL_TRACE_WARNING1("bta_dm_check_av:%d", bta_dm_cb.cur_av_count);
3289 if(bta_dm_cb.cur_av_count)
3291 for(i=0; i<bta_dm_cb.device_list.count; i++)
3293 p_dev = &bta_dm_cb.device_list.peer_device[i];
3294 APPL_TRACE_WARNING3("[%d]: state:%d, info:x%x", i, p_dev->conn_state, p_dev->info);
3295 if((p_dev->conn_state == BTA_DM_CONNECTED) && (p_dev->info & BTA_DM_DI_AV_ACTIVE))
3297 /* make master and take away the role switch policy */
3298 if(BTM_CMD_STARTED == BTM_SwitchRole (p_dev->peer_bdaddr, HCI_ROLE_MASTER, (tBTM_CMPL_CB *)bta_dm_rs_cback))
3300 /* the role switch command is actually sent */
3301 bta_dm_cb.rs_event = event;
3304 /* else either already master or can not switch for some reasons */
3305 bta_dm_policy_cback(BTA_SYS_PLCY_CLR, 0, HCI_ENABLE_MASTER_SLAVE_SWITCH, p_dev->peer_bdaddr);
3313 /*******************************************************************************
3315 ** Function bta_dm_acl_change
3317 ** Description Process BTA_DM_ACL_CHANGE_EVT
3322 *******************************************************************************/
3323 void bta_dm_acl_change(tBTA_DM_MSG *p_data)
3329 BOOLEAN is_new = p_data->acl_change.is_new;
3330 BD_ADDR_PTR p_bda = p_data->acl_change.bd_addr;
3331 BOOLEAN need_policy_change = FALSE;
3332 BOOLEAN issue_unpair_cb = FALSE;
3334 #if (defined(BTM_BUSY_LEVEL_CHANGE_INCLUDED) && BTM_BUSY_LEVEL_CHANGE_INCLUDED == TRUE)
3335 tBTA_DM_PEER_DEVICE *p_dev;
3337 switch(p_data->acl_change.event)
3339 case BTM_BL_UPDATE_EVT: /* busy level update */
3340 if( bta_dm_cb.p_sec_cback )
3342 conn.busy_level.level = p_data->acl_change.busy_level;
3343 conn.busy_level.level_flags = p_data->acl_change.busy_level_flags;
3344 bta_dm_cb.p_sec_cback(BTA_DM_BUSY_LEVEL_EVT, &conn);
3348 case BTM_BL_ROLE_CHG_EVT: /* role change event */
3349 p_dev = bta_dm_find_peer_device(p_bda);
3352 APPL_TRACE_DEBUG3("bta_dm_acl_change role chg info:x%x new_role:%d dev count:%d",
3353 p_dev->info, p_data->acl_change.new_role, bta_dm_cb.device_list.count);
3354 if(p_dev->info & BTA_DM_DI_AV_ACTIVE)
3356 /* there's AV activity on this link */
3357 if(p_data->acl_change.new_role == HCI_ROLE_SLAVE && bta_dm_cb.device_list.count > 1
3358 && p_data->acl_change.hci_status == HCI_SUCCESS)
3360 /* more than one connections and the AV connection is role switched to slave
3361 * switch it back to master and remove the switch policy */
3362 BTM_SwitchRole(p_bda, BTM_ROLE_MASTER, NULL);
3363 need_policy_change = TRUE;
3365 else if (bta_dm_cfg.avoid_scatter && (p_data->acl_change.new_role == HCI_ROLE_MASTER))
3367 /* if the link updated to be master include AV activities, remove the switch policy */
3368 need_policy_change = TRUE;
3371 if(need_policy_change)
3373 bta_dm_policy_cback(BTA_SYS_PLCY_CLR, 0, HCI_ENABLE_MASTER_SLAVE_SWITCH, p_dev->peer_bdaddr);
3378 /* there's AV no activity on this link and role switch happened
3379 * check if AV is active
3380 * if so, make sure the AV link is master */
3383 bta_sys_notify_role_chg(p_data->acl_change.bd_addr, p_data->acl_change.new_role, p_data->acl_change.hci_status);
3384 bdcpy(conn.role_chg.bd_addr, p_bda);
3385 conn.role_chg.new_role = (UINT8) p_data->acl_change.new_role;
3386 if( bta_dm_cb.p_sec_cback )
3387 bta_dm_cb.p_sec_cback(BTA_DM_ROLE_CHG_EVT, &conn);
3393 /* Collision report from Stack: Notify profiles */
3394 if (p_data->acl_change.event == BTM_BL_COLLISION_EVT)
3396 bta_sys_notify_collision (p_bda);
3402 for(i=0; i<bta_dm_cb.device_list.count; i++)
3404 if(!bdcmp( bta_dm_cb.device_list.peer_device[i].peer_bdaddr, p_bda))
3409 if(i == bta_dm_cb.device_list.count)
3411 bdcpy(bta_dm_cb.device_list.peer_device[bta_dm_cb.device_list.count].peer_bdaddr, p_bda);
3412 bta_dm_cb.device_list.peer_device[bta_dm_cb.device_list.count].link_policy = bta_dm_cb.cur_policy;
3413 bta_dm_cb.device_list.count++;
3416 bta_dm_cb.device_list.peer_device[i].conn_state = BTA_DM_CONNECTED;
3417 bta_dm_cb.device_list.peer_device[i].pref_role = BTA_ANY_ROLE;
3418 bdcpy(conn.link_up.bd_addr, p_bda);
3419 bta_dm_cb.device_list.peer_device[i].info = BTA_DM_DI_NONE;
3420 if( ((NULL != (p = BTM_ReadLocalFeatures ())) && HCI_SNIFF_SUB_RATE_SUPPORTED(p)) &&
3421 ((NULL != (p = BTM_ReadRemoteFeatures (p_bda))) && HCI_SNIFF_SUB_RATE_SUPPORTED(p)) )
3423 /* both local and remote devices support SSR */
3424 bta_dm_cb.device_list.peer_device[i].info = BTA_DM_DI_USE_SSR;
3426 APPL_TRACE_WARNING1("info:x%x", bta_dm_cb.device_list.peer_device[i].info);
3427 if( bta_dm_cb.p_sec_cback )
3428 bta_dm_cb.p_sec_cback(BTA_DM_LINK_UP_EVT, &conn);
3433 for(i=0; i<bta_dm_cb.device_list.count; i++)
3435 if(bdcmp( bta_dm_cb.device_list.peer_device[i].peer_bdaddr, p_bda))
3438 if( bta_dm_cb.device_list.peer_device[i].conn_state == BTA_DM_UNPAIRING )
3440 BTM_SecDeleteDevice(bta_dm_cb.device_list.peer_device[i].peer_bdaddr);
3441 issue_unpair_cb = TRUE;
3444 conn.link_down.is_removed = bta_dm_cb.device_list.peer_device[i].remove_dev_pending;
3446 for(; i<bta_dm_cb.device_list.count ; i++)
3448 memcpy(&bta_dm_cb.device_list.peer_device[i], &bta_dm_cb.device_list.peer_device[i+1], sizeof(bta_dm_cb.device_list.peer_device[i]));
3452 if(bta_dm_cb.device_list.count)
3453 bta_dm_cb.device_list.count--;
3455 if(bta_dm_search_cb.wait_disc && !bdcmp(bta_dm_search_cb.peer_bdaddr, p_bda))
3457 bta_dm_search_cb.wait_disc = FALSE;
3459 if(bta_dm_search_cb.sdp_results)
3461 APPL_TRACE_EVENT0(" timer stopped ");
3462 bta_sys_stop_timer(&bta_dm_search_cb.search_timer);
3463 bta_dm_discover_next_device();
3468 if(bta_dm_cb.disabling)
3470 if(!BTM_GetNumAclLinks())
3472 bta_sys_stop_timer(&bta_dm_cb.disable_timer);
3473 bta_dm_cb.disable_timer.p_cback = (TIMER_CBACK*)&bta_dm_disable_conn_down_timer_cback;
3474 /* start a timer to make sure that the profiles get the disconnect event */
3475 bta_sys_start_timer(&bta_dm_cb.disable_timer, 0, 1000);
3478 if (conn.link_down.is_removed)
3480 BTM_SecDeleteDevice(p_bda);
3481 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE)
3482 /* need to remove all pending background connection */
3483 BTA_GATTC_CancelOpen(0, p_bda, FALSE);
3484 /* remove all cached GATT information */
3485 BTA_GATTC_Refresh(p_bda);
3489 bdcpy(conn.link_down.bd_addr, p_bda);
3490 conn.link_down.status = (UINT8) btm_get_acl_disc_reason_code();
3491 if( bta_dm_cb.p_sec_cback )
3493 bta_dm_cb.p_sec_cback(BTA_DM_LINK_DOWN_EVT, &conn);
3494 if( issue_unpair_cb )
3495 bta_dm_cb.p_sec_cback(BTA_DM_DEV_UNPAIRED_EVT, &conn);
3499 bta_dm_adjust_roles(TRUE);
3502 /*******************************************************************************
3504 ** Function bta_dm_disable_conn_down_timer_cback
3506 ** Description Sends disable event to application
3511 *******************************************************************************/
3512 static void bta_dm_disable_conn_down_timer_cback (TIMER_LIST_ENT *p_tle)
3514 tBTA_SYS_HW_MSG *sys_enable_event;
3516 /* disable the power managment module */
3517 bta_dm_disable_pm();
3519 /* register our callback to SYS HW manager */
3520 bta_sys_hw_register( BTA_SYS_HW_BLUETOOTH, bta_dm_sys_hw_cback );
3522 /* send a message to BTA SYS */
3523 if ((sys_enable_event = (tBTA_SYS_HW_MSG *) GKI_getbuf(sizeof(tBTA_SYS_HW_MSG))) != NULL)
3525 sys_enable_event->hdr.event = BTA_SYS_API_DISABLE_EVT;
3526 sys_enable_event->hw_module = BTA_SYS_HW_BLUETOOTH;
3527 bta_sys_sendmsg(sys_enable_event);
3530 bta_dm_cb.disabling = FALSE;
3534 /*******************************************************************************
3536 ** Function bta_dm_rssi_cback
3538 ** Description Callback from btm with rssi values
3543 *******************************************************************************/
3544 static void bta_dm_rssi_cback (tBTM_RSSI_RESULTS *p_result)
3546 tBTA_DM_SEC sec_event;
3548 if(p_result->status == BTM_SUCCESS)
3551 bdcpy(sec_event.sig_strength.bd_addr, p_result->rem_bda);
3552 sec_event.sig_strength.mask = BTA_SIG_STRENGTH_RSSI_MASK;
3553 sec_event.sig_strength.rssi_value = p_result->rssi;
3554 if( bta_dm_cb.p_sec_cback!= NULL )
3555 bta_dm_cb.p_sec_cback(BTA_DM_SIG_STRENGTH_EVT, &sec_event);
3560 /*******************************************************************************
3562 ** Function bta_dm_link_quality_cback
3564 ** Description Callback from btm with link quality value
3569 *******************************************************************************/
3570 static void bta_dm_link_quality_cback (tBTM_LINK_QUALITY_RESULTS *p_result)
3573 tBTA_DM_SEC sec_event;
3575 if(p_result->status == BTM_SUCCESS)
3578 bdcpy(sec_event.sig_strength.bd_addr, p_result->rem_bda);
3579 sec_event.sig_strength.mask = BTA_SIG_STRENGTH_LINK_QUALITY_MASK;
3580 sec_event.sig_strength.link_quality_value = p_result->link_quality;
3581 if( bta_dm_cb.p_sec_cback!= NULL )
3582 bta_dm_cb.p_sec_cback(BTA_DM_SIG_STRENGTH_EVT, &sec_event);
3587 /*******************************************************************************
3589 ** Function bta_dm_rm_cback
3591 ** Description Role management callback from sys
3596 *******************************************************************************/
3597 static void bta_dm_rm_cback(tBTA_SYS_CONN_STATUS status, UINT8 id, UINT8 app_id, BD_ADDR peer_addr)
3601 tBTA_PREF_ROLES role;
3602 tBTA_DM_PEER_DEVICE *p_dev;
3604 p_dev = bta_dm_find_peer_device(peer_addr);
3605 if( status == BTA_SYS_CONN_OPEN)
3609 /* Do not set to connected if we are in the middle of unpairing. When AV stream is
3610 * started it fakes out a SYS_CONN_OPEN to potentially trigger a role switch command.
3611 * But this should not be done if we are in the middle of unpairing.
3613 if (p_dev->conn_state != BTA_DM_UNPAIRING)
3614 p_dev->conn_state = BTA_DM_CONNECTED;
3616 for(j=1; j<= p_bta_dm_rm_cfg[0].app_id; j++)
3618 if(((p_bta_dm_rm_cfg[j].app_id == app_id) || (p_bta_dm_rm_cfg[j].app_id == BTA_ALL_APP_ID))
3619 && (p_bta_dm_rm_cfg[j].id == id))
3621 role = p_bta_dm_rm_cfg[j].cfg;
3623 if(role > p_dev->pref_role )
3624 p_dev->pref_role = role;
3633 if((BTA_ID_AV == id)||(BTA_ID_AVK ==id))
3635 if( status == BTA_SYS_CONN_BUSY)
3638 p_dev->info |= BTA_DM_DI_AV_ACTIVE;
3639 /* AV calls bta_sys_conn_open with the A2DP stream count as app_id */
3641 bta_dm_cb.cur_av_count = app_id;
3643 else if( status == BTA_SYS_CONN_IDLE)
3646 p_dev->info &= ~BTA_DM_DI_AV_ACTIVE;
3647 /* AV calls bta_sys_conn_open with the A2DP stream count as app_id */
3649 bta_dm_cb.cur_av_count = app_id;
3651 APPL_TRACE_WARNING2("bta_dm_rm_cback:%d, status:%d", bta_dm_cb.cur_av_count, status);
3653 else if ((status == BTA_SYS_CONN_BUSY) || (status == BTA_SYS_CONN_IDLE))
3655 /* Do not do role switch management for non-AV profiles when data flow starts/stops */
3659 bta_dm_adjust_roles(FALSE);
3663 /*******************************************************************************
3665 ** Function bta_dm_dev_blacklisted_for_switch
3667 ** Description Checks if the device is blacklisted for immediate role switch after connection.
3669 ** Returns TRUE if dev is blacklisted else FALSE
3671 *******************************************************************************/
3672 static BOOLEAN bta_dm_dev_blacklisted_for_switch (BD_ADDR remote_bd_addr)
3674 UINT16 manufacturer = 0;
3675 UINT16 lmp_sub_version = 0;
3676 UINT8 lmp_version = 0;
3679 if (BTM_ReadRemoteVersion(remote_bd_addr, &lmp_version,
3680 &manufacturer, &lmp_sub_version) == BTM_SUCCESS)
3682 /* Check if this device version info matches with is
3683 blacklisted versions for role switch */
3684 for (i = 0; i < BTA_DM_MAX_ROLE_SWITCH_BLACKLIST_COUNT; i++)
3686 if ((bta_role_switch_blacklist[i].lmp_version == lmp_version) &&
3687 (bta_role_switch_blacklist[i].manufacturer == manufacturer)&&
3688 ((bta_role_switch_blacklist[i].lmp_sub_version & lmp_sub_version) ==
3689 bta_role_switch_blacklist[i].lmp_sub_version))
3691 APPL_TRACE_EVENT0("Black list F/W version matches.. Delay Role Switch...");
3700 /*******************************************************************************
3702 ** Function bta_dm_delay_role_switch_cback
3704 ** Description Callback from btm to delay a role switch
3708 *******************************************************************************/
3709 static void bta_dm_delay_role_switch_cback(TIMER_LIST_ENT *p_tle)
3711 APPL_TRACE_EVENT0("bta_dm_delay_role_switch_cback: initiating Delayed RS");
3712 bta_dm_adjust_roles (FALSE);
3715 /*******************************************************************************
3717 ** Function bta_dm_remove_sec_dev_entry
3719 ** Description Removes device entry from Security device DB if ACL connection with
3720 ** remtoe device does not exist, else schedule for dev entry removal upon
3725 *******************************************************************************/
3726 static void bta_dm_remove_sec_dev_entry(BD_ADDR remote_bd_addr)
3729 if (BTM_IsAclConnectionUp(remote_bd_addr))
3731 APPL_TRACE_DEBUG1("%s ACL is not down. Schedule for Dev Removal when ACL closes",
3733 for (index = 0; index < bta_dm_cb.device_list.count; index ++)
3735 if (!bdcmp( bta_dm_cb.device_list.peer_device[index].peer_bdaddr, remote_bd_addr))
3738 if (index != bta_dm_cb.device_list.count)
3740 bta_dm_cb.device_list.peer_device[index].remove_dev_pending = TRUE;
3744 APPL_TRACE_ERROR1(" %s Device does not exist in DB", __FUNCTION__);
3749 BTM_SecDeleteDevice (remote_bd_addr);
3754 /*******************************************************************************
3756 ** Function bta_dm_adjust_roles
3758 ** Description Adjust roles
3763 *******************************************************************************/
3764 static void bta_dm_adjust_roles(BOOLEAN delay_role_switch)
3768 BOOLEAN set_master_role = FALSE;
3770 if(bta_dm_cb.device_list.count)
3773 /* the configuration is no scatternet
3774 * or AV connection exists and there are more than one ACL link */
3775 if( (p_bta_dm_rm_cfg[0].cfg == BTA_DM_NO_SCATTERNET) ||
3776 (bta_dm_cb.cur_av_count && bta_dm_cb.device_list.count > 1) )
3779 L2CA_SetDesireRole (HCI_ROLE_MASTER);
3780 set_master_role = TRUE;
3784 for(i=0; i<bta_dm_cb.device_list.count; i++)
3786 if(bta_dm_cb.device_list.peer_device[i].conn_state == BTA_DM_CONNECTED)
3788 if(!set_master_role && (bta_dm_cb.device_list.peer_device[i].pref_role != BTA_ANY_ROLE)
3789 && (p_bta_dm_rm_cfg[0].cfg == BTA_DM_PARTIAL_SCATTERNET))
3791 L2CA_SetDesireRole (HCI_ROLE_MASTER);
3792 set_master_role = TRUE;
3795 if((bta_dm_cb.device_list.peer_device[i].pref_role == BTA_MASTER_ROLE_ONLY)
3796 || (bta_dm_cb.device_list.count > 1))
3799 /* Initiating immediate role switch with certain remote devices
3800 has caused issues due to role switch colliding with link encryption setup and
3801 causing encryption (and in turn the link) to fail . These device . Firmware
3802 versions are stored in a blacklist and role switch with these devices are
3803 delayed to avoid the collision with link encryption setup */
3805 if ((delay_role_switch == FALSE) ||
3806 (bta_dm_dev_blacklisted_for_switch(
3807 bta_dm_cb.device_list.peer_device[i].peer_bdaddr) == FALSE))
3809 BTM_SwitchRole (bta_dm_cb.device_list.peer_device[i].peer_bdaddr,
3810 HCI_ROLE_MASTER, NULL);
3814 bta_dm_cb.switch_delay_timer.p_cback =
3815 (TIMER_CBACK*)&bta_dm_delay_role_switch_cback;
3816 bta_sys_start_timer(&bta_dm_cb.switch_delay_timer, 0, 500);
3824 if(!set_master_role)
3827 L2CA_SetDesireRole (L2CAP_DESIRED_LINK_ROLE);
3834 L2CA_SetDesireRole (L2CAP_DESIRED_LINK_ROLE);
3840 /*******************************************************************************
3842 ** Function bta_dm_get_remname
3844 ** Description Returns a pointer to the remote name stored in the DM control
3845 ** block if it exists, or from the BTM memory.
3847 ** Returns char * - Pointer to the remote device name
3848 *******************************************************************************/
3849 static char *bta_dm_get_remname(void)
3851 char *p_name = (char *)bta_dm_search_cb.peer_name;
3854 /* If the name isn't already stored, try retrieving from BTM */
3855 if (*p_name == '\0')
3856 if ((p_temp = BTM_SecReadDevName(bta_dm_search_cb.peer_bdaddr)) != NULL)
3862 /*******************************************************************************
3864 ** Function bta_dm_bond_cancel_complete_cback
3866 ** Description Authentication complete callback from BTM
3870 *******************************************************************************/
3871 static void bta_dm_bond_cancel_complete_cback(tBTM_STATUS result)
3874 tBTA_DM_SEC sec_event;
3876 if (result == BTM_SUCCESS)
3877 sec_event.bond_cancel_cmpl.result = BTA_SUCCESS;
3879 sec_event.bond_cancel_cmpl.result = BTA_FAILURE;
3881 if(bta_dm_cb.p_sec_cback)
3883 bta_dm_cb.p_sec_cback(BTA_DM_BOND_CANCEL_CMPL_EVT, &sec_event);
3887 #if ( BTM_EIR_SERVER_INCLUDED == TRUE )
3888 #if ( BTA_EIR_CANNED_UUID_LIST != TRUE )&&(BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0)
3889 /*******************************************************************************
3891 ** Function bta_dm_update_eir_uuid
3896 *******************************************************************************/
3897 void bta_dm_update_eir_uuid (tBTA_DM_MSG *p_data)
3899 tBTA_DM_API_UPDATE_EIR_UUID *p_msg = (tBTA_DM_API_UPDATE_EIR_UUID *)p_data;
3901 UINT8 empty_slot = BTA_EIR_SERVER_NUM_CUSTOM_UUID;
3902 UINT8 match_slot = BTA_EIR_SERVER_NUM_CUSTOM_UUID;
3904 for (xx = 0; xx < BTA_EIR_SERVER_NUM_CUSTOM_UUID; xx++)
3906 if (bta_dm_cb.custom_uuid[xx].len == 0)
3908 if (empty_slot == BTA_EIR_SERVER_NUM_CUSTOM_UUID)
3911 else if (match_slot == BTA_EIR_SERVER_NUM_CUSTOM_UUID)
3913 if (!memcmp (bta_dm_cb.custom_uuid[xx].uu.uuid128, p_msg->uuid.uu.uuid128, p_msg->uuid.len))
3922 if (match_slot == BTA_EIR_SERVER_NUM_CUSTOM_UUID)
3924 if (empty_slot == BTA_EIR_SERVER_NUM_CUSTOM_UUID)
3926 APPL_TRACE_ERROR0("No space to add UUID for EIR");
3931 memcpy (&(bta_dm_cb.custom_uuid[empty_slot]), &(p_msg->uuid), sizeof(tBT_UUID));
3936 APPL_TRACE_ERROR0("UUID is already added for EIR");
3942 if (match_slot == BTA_EIR_SERVER_NUM_CUSTOM_UUID)
3944 APPL_TRACE_ERROR0("UUID is not found for EIR");
3949 memset (&(bta_dm_cb.custom_uuid[match_slot]), 0, sizeof(tBT_UUID));
3953 bta_dm_set_eir (NULL);
3957 /*******************************************************************************
3959 ** Function bta_dm_set_eir_config
3964 *******************************************************************************/
3965 void bta_dm_set_eir_config (tBTA_DM_MSG *p_data)
3967 if (p_data->set_eir_cfg.p_eir_cfg)
3969 /* User defined config */
3970 p_bta_dm_eir_cfg = p_data->set_eir_cfg.p_eir_cfg;
3974 /* Back to default config */
3975 p_bta_dm_eir_cfg = (tBTA_DM_EIR_CONF*)&bta_dm_eir_cfg;
3978 bta_dm_set_eir (NULL);
3981 /*******************************************************************************
3983 ** Function bta_dm_set_eir
3985 ** Description This function creates EIR tagged data and writes it to controller.
3989 *******************************************************************************/
3990 static void bta_dm_set_eir (char *local_name)
3995 #if (BTA_EIR_CANNED_UUID_LIST != TRUE)
3998 #if (BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0)
3999 UINT8 custom_uuid_idx;
4002 #if (BTM_EIR_DEFAULT_FEC_REQUIRED == FALSE)
4003 UINT8 free_eir_length = HCI_EXT_INQ_RESPONSE_LEN;
4005 UINT8 free_eir_length = HCI_DM5_PACKET_SIZE;
4009 UINT8 local_name_len;
4011 /* wait until complete to disable */
4012 if (bta_dm_cb.disable_timer.in_use)
4015 #if ( BTA_EIR_CANNED_UUID_LIST != TRUE )
4016 /* wait until App is ready */
4017 if (bta_dm_cb.app_ready_timer.in_use)
4020 /* if local name is not provided, get it from controller */
4021 if( local_name == NULL )
4023 if( BTM_ReadLocalDeviceName( &local_name ) != BTM_SUCCESS )
4025 APPL_TRACE_ERROR0("Fail to read local device name for EIR");
4030 /* Allocate a buffer to hold HCI command */
4031 if ((p_buf = (BT_HDR *)GKI_getpoolbuf(BTM_CMD_POOL_ID)) == NULL)
4033 APPL_TRACE_ERROR0("bta_dm_set_eir couldn't allocate buffer");
4036 p = (UINT8 *)p_buf + BTM_HCI_EIR_OFFSET;
4038 memset(p, 0x00, HCI_EXT_INQ_RESPONSE_LEN );
4040 APPL_TRACE_DEBUG0("BTA is generating EIR");
4043 local_name_len = strlen( local_name );
4047 data_type = BTM_EIR_COMPLETE_LOCAL_NAME_TYPE;
4048 /* if local name is longer than minimum length of shortened name */
4049 /* check whether it needs to be shortened or not */
4050 if( local_name_len > p_bta_dm_eir_cfg->bta_dm_eir_min_name_len )
4052 /* get number of UUID 16-bit list */
4053 #if (BTA_EIR_CANNED_UUID_LIST == TRUE)
4054 num_uuid = p_bta_dm_eir_cfg->bta_dm_eir_uuid16_len/LEN_UUID_16;
4056 max_num_uuid = (free_eir_length - 2)/LEN_UUID_16;
4057 data_type = BTM_GetEirSupportedServices( bta_dm_cb.eir_uuid, &p,
4058 max_num_uuid, &num_uuid );
4059 p = (UINT8 *)p_buf + BTM_HCI_EIR_OFFSET; /* reset p */
4062 /* if UUID doesn't fit remaing space, shorten local name */
4063 if ( local_name_len > (free_eir_length - 4 - num_uuid*LEN_UUID_16))
4065 APPL_TRACE_WARNING0("BTA EIR: local name is shortened");
4066 local_name_len = p_bta_dm_eir_cfg->bta_dm_eir_min_name_len;
4067 data_type = BTM_EIR_SHORTENED_LOCAL_NAME_TYPE;
4070 data_type = BTM_EIR_COMPLETE_LOCAL_NAME_TYPE;
4073 UINT8_TO_STREAM(p, local_name_len + 1);
4074 UINT8_TO_STREAM(p, data_type);
4076 if (local_name != NULL)
4078 memcpy(p, local_name, local_name_len);
4079 p += local_name_len;
4081 free_eir_length -= local_name_len + 2;
4083 #if (BTA_EIR_CANNED_UUID_LIST == TRUE)
4084 /* if UUID list is provided as static data in configuration */
4085 if(( p_bta_dm_eir_cfg->bta_dm_eir_uuid16_len > 0 )
4086 &&(p_bta_dm_eir_cfg->bta_dm_eir_uuid16))
4088 if( free_eir_length > LEN_UUID_16 + 2)
4090 free_eir_length -= 2;
4092 if( free_eir_length >= p_bta_dm_eir_cfg->bta_dm_eir_uuid16_len)
4094 num_uuid = p_bta_dm_eir_cfg->bta_dm_eir_uuid16_len / LEN_UUID_16;
4095 data_type = BTM_EIR_COMPLETE_16BITS_UUID_TYPE;
4097 else /* not enough room for all UUIDs */
4099 APPL_TRACE_WARNING0("BTA EIR: UUID 16-bit list is truncated");
4100 num_uuid = free_eir_length / LEN_UUID_16;
4101 data_type = BTM_EIR_MORE_16BITS_UUID_TYPE;
4103 UINT8_TO_STREAM(p, num_uuid * LEN_UUID_16 + 1);
4104 UINT8_TO_STREAM(p, data_type);
4105 memcpy(p, p_bta_dm_eir_cfg->bta_dm_eir_uuid16, num_uuid * LEN_UUID_16 );
4106 p += num_uuid * LEN_UUID_16;
4107 free_eir_length -= num_uuid * LEN_UUID_16;
4110 #else /* (BTA_EIR_CANNED_UUID_LIST == TRUE) */
4111 /* if UUID list is dynamic */
4112 if ( free_eir_length >= 2)
4118 max_num_uuid = (free_eir_length - 2)/LEN_UUID_16;
4119 data_type = BTM_GetEirSupportedServices( bta_dm_cb.eir_uuid, &p, max_num_uuid, &num_uuid );
4121 if( data_type == BTM_EIR_MORE_16BITS_UUID_TYPE )
4123 APPL_TRACE_WARNING0("BTA EIR: UUID 16-bit list is truncated");
4125 #if (BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0)
4128 for (custom_uuid_idx = 0; custom_uuid_idx < BTA_EIR_SERVER_NUM_CUSTOM_UUID; custom_uuid_idx++)
4130 if (bta_dm_cb.custom_uuid[custom_uuid_idx].len == LEN_UUID_16)
4132 if ( num_uuid < max_num_uuid )
4134 UINT16_TO_STREAM(p, bta_dm_cb.custom_uuid[custom_uuid_idx].uu.uuid16);
4139 data_type = BTM_EIR_MORE_16BITS_UUID_TYPE;
4140 APPL_TRACE_WARNING0("BTA EIR: UUID 16-bit list is truncated");
4146 #endif /* (BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0) */
4148 UINT8_TO_STREAM(p_length, num_uuid * LEN_UUID_16 + 1);
4149 UINT8_TO_STREAM(p_type, data_type);
4150 free_eir_length -= num_uuid * LEN_UUID_16 + 2;
4152 #endif /* (BTA_EIR_CANNED_UUID_LIST == TRUE) */
4154 #if ( BTA_EIR_CANNED_UUID_LIST != TRUE )&&(BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0)
4155 /* Adding 32-bit UUID list */
4156 if ( free_eir_length >= 2)
4161 data_type = BTM_EIR_COMPLETE_32BITS_UUID_TYPE;
4163 max_num_uuid = (free_eir_length - 2)/LEN_UUID_32;
4165 for (custom_uuid_idx = 0; custom_uuid_idx < BTA_EIR_SERVER_NUM_CUSTOM_UUID; custom_uuid_idx++)
4167 if (bta_dm_cb.custom_uuid[custom_uuid_idx].len == LEN_UUID_32)
4169 if ( num_uuid < max_num_uuid )
4171 UINT32_TO_STREAM(p, bta_dm_cb.custom_uuid[custom_uuid_idx].uu.uuid32);
4176 data_type = BTM_EIR_MORE_32BITS_UUID_TYPE;
4177 APPL_TRACE_WARNING0("BTA EIR: UUID 32-bit list is truncated");
4183 UINT8_TO_STREAM(p_length, num_uuid * LEN_UUID_32 + 1);
4184 UINT8_TO_STREAM(p_type, data_type);
4185 free_eir_length -= num_uuid * LEN_UUID_32 + 2;
4188 /* Adding 128-bit UUID list */
4189 if ( free_eir_length >= 2)
4194 data_type = BTM_EIR_COMPLETE_128BITS_UUID_TYPE;
4196 max_num_uuid = (free_eir_length - 2)/LEN_UUID_128;
4198 for (custom_uuid_idx = 0; custom_uuid_idx < BTA_EIR_SERVER_NUM_CUSTOM_UUID; custom_uuid_idx++)
4200 if (bta_dm_cb.custom_uuid[custom_uuid_idx].len == LEN_UUID_128)
4202 if ( num_uuid < max_num_uuid )
4204 ARRAY16_TO_STREAM(p, bta_dm_cb.custom_uuid[custom_uuid_idx].uu.uuid128);
4209 data_type = BTM_EIR_MORE_128BITS_UUID_TYPE;
4210 APPL_TRACE_WARNING0("BTA EIR: UUID 128-bit list is truncated");
4216 UINT8_TO_STREAM(p_length, num_uuid * LEN_UUID_128 + 1);
4217 UINT8_TO_STREAM(p_type, data_type);
4218 free_eir_length -= num_uuid * LEN_UUID_128 + 2;
4220 #endif /* ( BTA_EIR_CANNED_UUID_LIST != TRUE )&&(BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0) */
4222 /* if Flags are provided in configuration */
4223 if(( p_bta_dm_eir_cfg->bta_dm_eir_flag_len > 0 )
4224 &&( p_bta_dm_eir_cfg->bta_dm_eir_flags )
4225 &&( free_eir_length >= p_bta_dm_eir_cfg->bta_dm_eir_flag_len + 2 ))
4227 UINT8_TO_STREAM(p, p_bta_dm_eir_cfg->bta_dm_eir_flag_len + 1);
4228 UINT8_TO_STREAM(p, BTM_EIR_FLAGS_TYPE);
4229 memcpy(p, p_bta_dm_eir_cfg->bta_dm_eir_flags,
4230 p_bta_dm_eir_cfg->bta_dm_eir_flag_len);
4231 p += p_bta_dm_eir_cfg->bta_dm_eir_flag_len;
4232 free_eir_length -= p_bta_dm_eir_cfg->bta_dm_eir_flag_len + 2;
4235 /* if Manufacturer Specific are provided in configuration */
4236 if(( p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len > 0 )
4237 &&( p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec )
4238 &&( free_eir_length >= p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len + 2 ))
4242 UINT8_TO_STREAM(p, p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len + 1);
4243 UINT8_TO_STREAM(p, BTM_EIR_MANUFACTURER_SPECIFIC_TYPE);
4244 memcpy(p, p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec,
4245 p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len);
4246 p += p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len;
4247 free_eir_length -= p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len + 2;
4255 /* if Inquiry Tx Resp Power compiled */
4256 if ((p_bta_dm_eir_cfg->bta_dm_eir_inq_tx_power) &&
4257 (free_eir_length >= 3))
4259 UINT8_TO_STREAM(p, 2); /* Length field */
4260 UINT8_TO_STREAM(p, BTM_EIR_TX_POWER_LEVEL_TYPE);
4261 UINT8_TO_STREAM(p, *(p_bta_dm_eir_cfg->bta_dm_eir_inq_tx_power));
4262 free_eir_length -= 3;
4265 if( free_eir_length )
4266 UINT8_TO_STREAM(p, 0); /* terminator of significant part */
4268 BTM_WriteEIR( p_buf );
4273 #if ( BTM_EIR_CLIENT_INCLUDED == TRUE )
4274 /*******************************************************************************
4276 ** Function bta_dm_eir_search_services
4278 ** Description This function searches services in received EIR
4282 *******************************************************************************/
4283 static void bta_dm_eir_search_services( tBTM_INQ_RESULTS *p_result,
4284 tBTA_SERVICE_MASK *p_services_to_search,
4285 tBTA_SERVICE_MASK *p_services_found)
4287 tBTA_SERVICE_MASK service_index = 0;
4288 tBTM_EIR_SEARCH_RESULT result;
4290 APPL_TRACE_DEBUG6("BTA searching services in EIR of BDA:0x%02X%02X%02X%02X%02X%02X",
4291 p_result->remote_bd_addr[0],p_result->remote_bd_addr[1],
4292 p_result->remote_bd_addr[2],p_result->remote_bd_addr[3],
4293 p_result->remote_bd_addr[4],p_result->remote_bd_addr[5]);
4295 APPL_TRACE_DEBUG1(" with services_to_search=0x%08X", *p_services_to_search);
4297 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
4298 /* always do GATT based service discovery by SDP instead of from EIR */
4299 /* if GATT based service is also to be put in EIR, need to modify this */
4300 while (service_index < (BTA_MAX_SERVICE_ID - 1))
4302 while(service_index < BTA_MAX_SERVICE_ID)
4305 if( *p_services_to_search
4306 & (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(service_index)))
4308 result = BTM_HasInquiryEirService( p_result,
4309 bta_service_id_to_uuid_lkup_tbl[service_index] );
4311 /* Searching for HSP v1.2 only device */
4312 if ((result != BTM_EIR_FOUND) &&
4313 (bta_service_id_to_uuid_lkup_tbl[service_index] == UUID_SERVCLASS_HEADSET))
4315 result = BTM_HasInquiryEirService (p_result, UUID_SERVCLASS_HEADSET_HS);
4318 if( result == BTM_EIR_FOUND )
4320 /* If Plug and Play service record, need to check to see if Broadcom stack */
4321 /* However, EIR data doesn't have EXT_BRCM_VERSION so just skip it */
4322 if( bta_service_id_to_uuid_lkup_tbl[service_index]
4323 != UUID_SERVCLASS_PNP_INFORMATION )
4326 *p_services_found |=
4327 (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(service_index));
4328 /* remove the service from services to be searched */
4329 *p_services_to_search &=
4330 (tBTA_SERVICE_MASK)(~(BTA_SERVICE_ID_TO_SERVICE_MASK(service_index)));
4333 else if( result == BTM_EIR_NOT_FOUND )
4335 /* remove the service from services to be searched */
4336 *p_services_to_search &=
4337 (tBTA_SERVICE_MASK)(~(BTA_SERVICE_ID_TO_SERVICE_MASK(service_index)));
4344 APPL_TRACE_ERROR2("BTA EIR search result, services_to_search=0x%08X, services_found=0x%08X",
4345 *p_services_to_search, *p_services_found);
4349 #if ( BTM_EIR_SERVER_INCLUDED == TRUE )&&(BTA_EIR_CANNED_UUID_LIST != TRUE)
4350 /*******************************************************************************
4352 ** Function bta_dm_eir_update_uuid
4354 ** Description This function adds or removes service UUID in EIR database.
4358 *******************************************************************************/
4359 void bta_dm_eir_update_uuid(UINT16 uuid16, BOOLEAN adding)
4361 /* if this UUID is not advertised in EIR */
4362 if( !BTM_HasEirService( p_bta_dm_eir_cfg->uuid_mask, uuid16 ))
4367 APPL_TRACE_EVENT1("Adding UUID=0x%04X into EIR", uuid16);
4369 BTM_AddEirService( bta_dm_cb.eir_uuid, uuid16 );
4373 APPL_TRACE_EVENT1("Removing UUID=0x%04X from EIR", uuid16);
4375 BTM_RemoveEirService( bta_dm_cb.eir_uuid, uuid16 );
4378 bta_dm_set_eir (NULL);
4380 APPL_TRACE_EVENT2("bta_dm_eir_update_uuid UUID bit mask=0x%08X %08X",
4381 bta_dm_cb.eir_uuid[1], bta_dm_cb.eir_uuid[0] );
4385 /*******************************************************************************
4387 ** Function bta_dm_enable_test_mode
4389 ** Description enable test mode
4394 *******************************************************************************/
4395 void bta_dm_enable_test_mode(tBTA_DM_MSG *p_data)
4397 BTM_EnableTestMode();
4400 /*******************************************************************************
4402 ** Function bta_dm_disable_test_mode
4404 ** Description disable test mode
4409 *******************************************************************************/
4410 void bta_dm_disable_test_mode(tBTA_DM_MSG *p_data)
4412 BTM_DeviceReset(NULL);
4415 /*******************************************************************************
4417 ** Function bta_dm_execute_callback
4419 ** Description Just execute a generic call back in the context of the BTU/BTA tack
4424 *******************************************************************************/
4425 void bta_dm_execute_callback(tBTA_DM_MSG *p_data)
4428 if(p_data->exec_cback.p_exec_cback == NULL)
4433 p_data->exec_cback.p_exec_cback(p_data->exec_cback.p_param);
4435 /*******************************************************************************
4437 ** Function bta_dm_encrypt_cback
4439 ** Description link encryption complete callback.
4443 *******************************************************************************/
4444 void bta_dm_encrypt_cback(BD_ADDR bd_addr, void *p_ref_data, tBTM_STATUS result)
4446 tBTA_STATUS bta_status = BTA_SUCCESS;
4447 tBTA_DM_ENCRYPT_CBACK *p_callback = bta_dm_cb.p_encrypt_cback;
4449 bta_dm_cb.p_encrypt_cback = NULL;
4454 case BTM_WRONG_MODE:
4455 bta_status = BTA_WRONG_MODE;
4457 case BTM_NO_RESOURCES:
4458 bta_status = BTA_NO_RESOURCES;
4461 bta_status = BTA_BUSY;
4464 bta_status = BTA_FAILURE;
4468 APPL_TRACE_DEBUG2("bta_dm_encrypt_cback status =%d p_callback=0x%x", bta_status, p_callback);
4472 (*p_callback)(bd_addr, bta_status);
4475 /*******************************************************************************
4477 ** Function bta_dm_set_encryption
4479 ** Description This function to encrypt the link
4483 *******************************************************************************/
4484 void bta_dm_set_encryption (tBTA_DM_MSG *p_data)
4487 APPL_TRACE_DEBUG0("bta_dm_set_encryption"); //todo
4488 if (!p_data->set_encryption.p_callback)
4490 APPL_TRACE_ERROR0("bta_dm_set_encryption callback is not provided");
4494 if (bta_dm_cb.p_encrypt_cback)
4496 (*p_data->set_encryption.p_callback)(p_data->set_encryption.bd_addr, BTA_BUSY);
4501 bta_dm_cb.p_encrypt_cback = p_data->set_encryption.p_callback;
4502 bta_dm_cb.sec_act = p_data->set_encryption.sec_act;
4503 BTM_SetEncryption(p_data->set_encryption.bd_addr, bta_dm_encrypt_cback, &bta_dm_cb.sec_act);
4506 /*******************************************************************************
4508 ** Function bta_dm_set_afh_channels
4510 ** Description set afh channels
4515 *******************************************************************************/
4516 void bta_dm_set_afh_channels(tBTA_DM_MSG * p_data)
4519 BTM_SetAfhChannels(p_data->set_afhchannels.first,p_data->set_afhchannels.last);
4522 /*******************************************************************************
4524 ** Function bta_dm_set_afh_channel_assesment
4526 ** Description set afh channel assesment
4531 *******************************************************************************/
4533 void bta_dm_set_afh_channel_assesment (tBTA_DM_MSG * p_data)
4535 BTM_SetAfhChannelAssessment(p_data->set_afh_channel_assessment.enable_or_disable);
4538 #if (BLE_INCLUDED == TRUE)
4539 /*******************************************************************************
4541 ** Function bta_dm_observe_results_cb
4543 ** Description Callback for BLE Observe result
4548 *******************************************************************************/
4549 static void bta_dm_observe_results_cb (tBTM_INQ_RESULTS *p_inq, UINT8 *p_eir)
4552 tBTA_DM_SEARCH result;
4553 tBTM_INQ_INFO *p_inq_info;
4554 UINT16 service_class;
4555 APPL_TRACE_DEBUG0("bta_dm_observe_results_cb")
4557 bdcpy(result.inq_res.bd_addr, p_inq->remote_bd_addr);
4558 result.inq_res.rssi = p_inq->rssi;
4559 result.inq_res.ble_addr_type = p_inq->ble_addr_type;
4560 result.inq_res.inq_result_type = p_inq->inq_result_type;
4561 result.inq_res.device_type = p_inq->device_type;
4563 /* application will parse EIR to find out remote device name */
4564 result.inq_res.p_eir = p_eir;
4566 if((p_inq_info = BTM_InqDbRead(p_inq->remote_bd_addr)) != NULL)
4568 /* initialize remt_name_not_required to FALSE so that we get the name by default */
4569 result.inq_res.remt_name_not_required = FALSE;
4572 if(bta_dm_search_cb.p_scan_cback)
4573 bta_dm_search_cb.p_scan_cback(BTA_DM_INQ_RES_EVT, &result);
4577 /* application indicates if it knows the remote name, inside the callback
4578 copy that to the inquiry data base*/
4579 if(result.inq_res.remt_name_not_required)
4580 p_inq_info->appl_knows_rem_name = TRUE;
4584 /*******************************************************************************
4586 ** Function bta_dm_observe_cmpl_cb
4588 ** Description Callback for BLE Observe complete
4593 *******************************************************************************/
4594 static void bta_dm_observe_cmpl_cb (void * p_result)
4596 tBTA_DM_SEARCH data;
4598 APPL_TRACE_DEBUG0("bta_dm_observe_cmpl_cb");
4600 data.inq_cmpl.num_resps = ((tBTM_INQUIRY_CMPL *)p_result)->num_resp;
4601 if (bta_dm_search_cb.p_scan_cback)
4603 bta_dm_search_cb.p_scan_cback(BTA_DM_INQ_CMPL_EVT, &data);
4607 #if (SMP_INCLUDED == TRUE)
4608 /*******************************************************************************
4610 ** Function bta_dm_ble_smp_cback
4612 ** Description Callback for BLE SMP
4617 *******************************************************************************/
4618 static UINT8 bta_dm_ble_smp_cback (tBTM_LE_EVT event, BD_ADDR bda, tBTM_LE_EVT_DATA *p_data)
4620 tBTM_STATUS status = BTM_SUCCESS;
4621 tBTA_DM_SEC sec_event;
4622 char* p_name = NULL;
4625 APPL_TRACE_DEBUG0("bta_dm_ble_smp_cback");
4627 if (!bta_dm_cb.p_sec_cback)
4628 return BTM_NOT_AUTHORIZED;
4630 memset(&sec_event, 0, sizeof(tBTA_DM_SEC));
4633 case BTM_LE_IO_REQ_EVT:
4634 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE)
4636 bta_dm_co_ble_io_req(bda,
4637 &p_data->io_req.io_cap,
4638 &p_data->io_req.oob_data,
4639 &p_data->io_req.auth_req,
4640 &p_data->io_req.max_key_size,
4641 &p_data->io_req.init_keys,
4642 &p_data->io_req.resp_keys);
4644 #if BTM_OOB_INCLUDED == FALSE
4645 status = BTM_SUCCESS;
4647 APPL_TRACE_EVENT2("io mitm: %d oob_data:%d", p_data->io_req.auth_req, p_data->io_req.oob_data);
4651 case BTM_LE_SEC_REQUEST_EVT:
4652 bdcpy(sec_event.ble_req.bd_addr, bda);
4653 p_name = BTM_SecReadDevName(bda);
4656 BCM_STRNCPY_S((char*)sec_event.ble_req.bd_name,
4657 sizeof(BD_NAME), p_name, (BD_NAME_LEN));
4661 sec_event.ble_req.bd_name[0] = 0;
4663 bta_dm_cb.p_sec_cback(BTA_DM_BLE_SEC_REQ_EVT, &sec_event);
4666 case BTM_LE_KEY_NOTIF_EVT:
4667 bdcpy(sec_event.key_notif.bd_addr, bda);
4668 p_name = BTM_SecReadDevName(bda);
4671 BCM_STRNCPY_S((char*)sec_event.key_notif.bd_name,
4672 sizeof(BD_NAME), p_name, (BD_NAME_LEN));
4676 sec_event.key_notif.bd_name[0] = 0;
4678 sec_event.key_notif.passkey = p_data->key_notif;
4679 bta_dm_cb.p_sec_cback(BTA_DM_BLE_PASSKEY_NOTIF_EVT, &sec_event);
4682 case BTM_LE_KEY_REQ_EVT:
4683 bdcpy(sec_event.ble_req.bd_addr, bda);
4684 bta_dm_cb.p_sec_cback(BTA_DM_BLE_PASSKEY_REQ_EVT, &sec_event);
4687 case BTM_LE_OOB_REQ_EVT:
4688 bdcpy(sec_event.ble_req.bd_addr, bda);
4689 bta_dm_cb.p_sec_cback(BTA_DM_BLE_OOB_REQ_EVT, &sec_event);
4692 case BTM_LE_KEY_EVT:
4693 bdcpy(sec_event.ble_key.bd_addr, bda);
4694 sec_event.ble_key.key_type = p_data->key.key_type;
4696 if (p_data->key.key_type == BTM_LE_KEY_PID)
4698 for (i=0; i<BT_OCTET16_LEN; i++ )
4700 sec_event.ble_key.key_value.pid_key.irk[i] = p_data->key.p_key_value->pid_key.irk[i];
4702 sec_event.ble_key.key_value.pid_key.addr_type = p_data->key.p_key_value->pid_key.addr_type;
4703 memcpy( &(sec_event.ble_key.key_value.pid_key.static_addr),
4704 &(p_data->key.p_key_value->pid_key.static_addr),
4709 memcpy(&sec_event.ble_key.key_value, p_data->key.p_key_value, sizeof(tBTM_LE_KEY_VALUE));
4711 // memcpy(&sec_event.ble_key.key_value, p_data->key.p_key_value, sizeof(tBTM_LE_KEY_VALUE)); todo will crash
4712 bta_dm_cb.p_sec_cback(BTA_DM_BLE_KEY_EVT, &sec_event);
4715 case BTM_LE_COMPLT_EVT:
4716 bdcpy(sec_event.auth_cmpl.bd_addr, bda);
4717 p_name = BTM_SecReadDevName(bda);
4720 BCM_STRNCPY_S((char*)sec_event.auth_cmpl.bd_name,
4721 sizeof(BD_NAME), p_name, (BD_NAME_LEN));
4725 sec_event.auth_cmpl.bd_name[0] = 0;
4727 if (p_data->complt.reason != 0)
4729 sec_event.auth_cmpl.fail_reason = BTA_DM_AUTH_CONVERT_SMP_CODE(((UINT8)p_data->complt.reason));
4730 /* delete this device entry from Sec Dev DB */
4731 bta_dm_remove_sec_dev_entry (bda);
4735 sec_event.auth_cmpl.success = TRUE;
4737 sec_event.auth_cmpl.privacy_enabled = p_data->complt.privacy_supported;
4738 if (bta_dm_cb.p_sec_cback)
4740 //bta_dm_cb.p_sec_cback(BTA_DM_AUTH_CMPL_EVT, &sec_event);
4741 bta_dm_cb.p_sec_cback(BTA_DM_BLE_AUTH_CMPL_EVT, &sec_event);
4747 status = BTM_NOT_AUTHORIZED;
4752 #endif /* SMP_INCLUDED == TRUE */
4754 /*******************************************************************************
4756 ** Function bta_dm_ble_id_key_cback
4758 ** Description Callback for BLE local ID keys
4763 *******************************************************************************/
4764 static void bta_dm_ble_id_key_cback (UINT8 key_type, tBTM_BLE_LOCAL_KEYS *p_key)
4771 case BTM_BLE_KEY_TYPE_ID:
4772 case BTM_BLE_KEY_TYPE_ER:
4773 if (bta_dm_cb.p_sec_cback)
4775 memcpy(&dm_key.ble_id_keys, p_key, sizeof(tBTM_BLE_LOCAL_KEYS));
4777 evt = (key_type == BTM_BLE_KEY_TYPE_ID) ? BTA_DM_BLE_LOCAL_IR_EVT :\
4778 BTA_DM_BLE_LOCAL_ER_EVT;
4779 bta_dm_cb.p_sec_cback(evt, &dm_key);
4784 APPL_TRACE_DEBUG1("Unknown key type %d", key_type);
4791 /*******************************************************************************
4793 ** Function bta_dm_add_blekey
4795 ** Description This function adds an BLE Key to an security database entry.
4796 ** This function shall only be called AFTER BTA_DmAddBleDevice has been called.
4797 ** It is normally called during host startup to restore all required information
4798 ** stored in the NVRAM.
4802 *******************************************************************************/
4803 void bta_dm_add_blekey (tBTA_DM_MSG *p_data)
4805 if (!BTM_SecAddBleKey (p_data->add_ble_key.bd_addr,
4806 (tBTM_LE_KEY_VALUE *)&p_data->add_ble_key.blekey,
4807 p_data->add_ble_key.key_type))
4809 APPL_TRACE_ERROR2 ("BTA_DM: Error adding BLE Key for device %08x%04x",
4810 (p_data->add_ble_key.bd_addr[0]<<24)+(p_data->add_ble_key.bd_addr[1]<<16)+\
4811 (p_data->add_ble_key.bd_addr[2]<<8)+p_data->add_ble_key.bd_addr[3],
4812 (p_data->add_ble_key.bd_addr[4]<<8)+p_data->add_ble_key.bd_addr[5]);
4816 /*******************************************************************************
4818 ** Function bta_dm_add_ble_device
4820 ** Description This function adds an BLE device to an security database entry.
4821 ** It is normally called during host startup to restore all required information
4822 ** stored in the NVRAM.
4826 *******************************************************************************/
4827 void bta_dm_add_ble_device (tBTA_DM_MSG *p_data)
4829 if (!BTM_SecAddBleDevice (p_data->add_ble_device.bd_addr, NULL,
4830 p_data->add_ble_device.dev_type ,
4831 p_data->add_ble_device.addr_type))
4833 APPL_TRACE_ERROR2 ("BTA_DM: Error adding BLE Device for device %08x%04x",
4834 (p_data->add_ble_device.bd_addr[0]<<24)+(p_data->add_ble_device.bd_addr[1]<<16)+ \
4835 (p_data->add_ble_device.bd_addr[2]<<8)+p_data->add_ble_device.bd_addr[3],
4836 (p_data->add_ble_device.bd_addr[4]<<8)+p_data->add_ble_device.bd_addr[5]);
4840 /*******************************************************************************
4842 ** Function bta_dm_add_ble_device
4844 ** Description This function adds an BLE device to an security database entry.
4845 ** It is normally called during host startup to restore all required information
4846 ** stored in the NVRAM.
4850 *******************************************************************************/
4851 void bta_dm_ble_passkey_reply (tBTA_DM_MSG *p_data)
4853 if (p_data->pin_reply.accept)
4856 BTM_BlePasskeyReply(p_data->ble_passkey_reply.bd_addr, BTM_SUCCESS, p_data->ble_passkey_reply.passkey);
4860 BTM_BlePasskeyReply(p_data->ble_passkey_reply.bd_addr, BTM_NOT_AUTHORIZED, p_data->ble_passkey_reply.passkey);
4865 /*******************************************************************************
4867 ** Function bta_dm_security_grant
4869 ** Description This function grant SMP security request access.
4873 *******************************************************************************/
4874 void bta_dm_security_grant (tBTA_DM_MSG *p_data)
4876 BTM_SecurityGrant(p_data->ble_sec_grant.bd_addr, p_data->ble_sec_grant.res);
4879 /*******************************************************************************
4881 ** Function bta_dm_ble_set_bg_conn_type
4883 ** Description This function set the BLE background connection type
4887 *******************************************************************************/
4888 void bta_dm_ble_set_bg_conn_type (tBTA_DM_MSG *p_data)
4890 BTM_BleSetBgConnType(p_data->ble_set_bd_conn_type.bg_conn_type,
4891 p_data->ble_set_bd_conn_type.p_select_cback);
4894 /*******************************************************************************
4896 ** Function bta_dm_ble_set_conn_params
4898 ** Description This function set the preferred connection parameters.
4902 *******************************************************************************/
4903 void bta_dm_ble_set_conn_params (tBTA_DM_MSG *p_data)
4905 BTM_BleSetPrefConnParams(p_data->ble_set_conn_params.peer_bda,
4906 p_data->ble_set_conn_params.conn_int_min,
4907 p_data->ble_set_conn_params.conn_int_max,
4908 p_data->ble_set_conn_params.slave_latency,
4909 p_data->ble_set_conn_params.supervision_tout);
4912 /*******************************************************************************
4914 ** Function bta_dm_ble_set_scan_params
4916 ** Description This function set the preferred connection scan parameters.
4920 *******************************************************************************/
4921 void bta_dm_ble_set_scan_params (tBTA_DM_MSG *p_data)
4923 BTM_BleSetConnScanParams(p_data->ble_set_scan_params.scan_int,
4924 p_data->ble_set_scan_params.scan_window);
4928 /*******************************************************************************
4930 ** Function bta_dm_ble_observe
4932 ** Description This function set the preferred connection scan parameters.
4936 *******************************************************************************/
4937 void bta_dm_ble_observe (tBTA_DM_MSG *p_data)
4941 if (p_data->ble_observe.start)
4943 /*Save the callback to be called when a scan results are available */
4944 bta_dm_search_cb.p_scan_cback = p_data->ble_observe.p_cback;
4945 if ((status = BTM_BleObserve(TRUE, p_data->ble_observe.duration,
4946 bta_dm_observe_results_cb, bta_dm_observe_cmpl_cb))!= BTM_SUCCESS)
4948 tBTA_DM_SEARCH data;
4949 APPL_TRACE_WARNING2(" %s BTM_BleObserve failed. status %d",__FUNCTION__,status);
4950 data.inq_cmpl.num_resps = 0;
4951 if (bta_dm_search_cb.p_scan_cback)
4953 bta_dm_search_cb.p_scan_cback(BTA_DM_INQ_CMPL_EVT, &data);
4959 bta_dm_search_cb.p_scan_cback = NULL;
4960 BTM_BleObserve(FALSE, 0, NULL,NULL );
4963 /*******************************************************************************
4965 ** Function bta_dm_ble_set_scan_params
4967 ** Description This function set the adv parameters.
4971 *******************************************************************************/
4972 void bta_dm_ble_set_adv_params (tBTA_DM_MSG *p_data)
4974 BTM_BleSetAdvParams(p_data->ble_set_adv_params.adv_int_min,
4975 p_data->ble_set_adv_params.adv_int_max,
4976 p_data->ble_set_adv_params.p_dir_bda,
4977 BTA_DM_BLE_ADV_CHNL_MAP);
4979 /*******************************************************************************
4981 ** Function bta_dm_ble_set_adv_config
4983 ** Description This function set the customized ADV data configuration
4987 *******************************************************************************/
4988 void bta_dm_ble_set_adv_config (tBTA_DM_MSG *p_data)
4990 BTM_BleWriteAdvData(p_data->ble_set_adv_data.data_mask,
4991 (tBTM_BLE_ADV_DATA *)p_data->ble_set_adv_data.p_adv_cfg);
4995 #if ((defined BTA_GATT_INCLUDED) && (BTA_GATT_INCLUDED == TRUE))
4996 #ifndef BTA_DM_GATT_CLOSE_DELAY_TOUT
4997 #define BTA_DM_GATT_CLOSE_DELAY_TOUT 1000
5000 /*******************************************************************************
5002 ** Function bta_dm_gattc_register
5004 ** Description Register with GATTC in DM if BLE is needed.
5009 *******************************************************************************/
5010 static void bta_dm_gattc_register(void)
5012 tBT_UUID app_uuid = {LEN_UUID_128,{0}};
5014 if (bta_dm_search_cb.client_if == BTA_GATTS_INVALID_IF)
5016 memset (&app_uuid.uu.uuid128, 0x87, LEN_UUID_128);
5017 BTA_GATTC_AppRegister(&app_uuid, bta_dm_gattc_callback);
5021 /*******************************************************************************
5023 ** Function btm_dm_start_disc_gatt_services
5025 ** Description This function starts a GATT service search request.
5029 *******************************************************************************/
5030 static void btm_dm_start_disc_gatt_services (UINT16 conn_id)
5032 tBT_UUID *p_uuid = bta_dm_search_cb.p_srvc_uuid +
5033 bta_dm_search_cb.num_uuid - bta_dm_search_cb.uuid_to_search;
5035 p_uuid = bta_dm_search_cb.p_srvc_uuid +
5036 bta_dm_search_cb.num_uuid - bta_dm_search_cb.uuid_to_search;
5038 /* always search for all services */
5039 BTA_GATTC_ServiceSearchRequest(conn_id, p_uuid);
5042 /*******************************************************************************
5044 ** Function bta_dm_gatt_disc_result
5046 ** Description This function process the GATT service search result.
5050 *******************************************************************************/
5051 static void bta_dm_gatt_disc_result(tBTA_GATT_ID service_id)
5053 tBTA_DM_SEARCH result;
5056 * This logic will not work for gatt case. We are checking against the bluetooth profiles here
5057 * just copy the GATTID in raw data field and send it across.
5061 if ( bta_dm_search_cb.ble_raw_used + sizeof(tBTA_GATT_ID) < bta_dm_search_cb.ble_raw_size )
5063 APPL_TRACE_DEBUG3("ADDING BLE SERVICE uuid=0x%x, ble_ptr = 0x%x, ble_raw_used = 0x%x", service_id.uuid.uu.uuid16,bta_dm_search_cb.p_ble_rawdata,bta_dm_search_cb.ble_raw_used);
5065 if(bta_dm_search_cb.p_ble_rawdata)
5067 memcpy((bta_dm_search_cb.p_ble_rawdata + bta_dm_search_cb.ble_raw_used), &service_id,
5068 sizeof(service_id) );
5070 bta_dm_search_cb.ble_raw_used += sizeof(service_id);
5074 APPL_TRACE_ERROR0("p_ble_rawdata is NULL");
5080 APPL_TRACE_ERROR3("%s out of room to accomodate more service ids ble_raw_size = %d ble_raw_used = %d", __FUNCTION__,bta_dm_search_cb.ble_raw_size, bta_dm_search_cb.ble_raw_used );
5083 APPL_TRACE_ERROR1("bta_dm_gatt_disc_result serivce_id len=%d ", service_id.uuid.len);
5084 if ( bta_dm_search_cb.state != BTA_DM_SEARCH_IDLE)
5087 /* send result back to app now, one by one */
5088 bdcpy (result.disc_ble_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
5089 BCM_STRNCPY_S((char*)result.disc_ble_res.bd_name, sizeof(BD_NAME), bta_dm_get_remname(), (BD_NAME_LEN-1));
5090 result.disc_ble_res.bd_name[BD_NAME_LEN] = 0;
5091 memcpy(&result.disc_ble_res.service, &service_id.uuid, sizeof(tBT_UUID));
5093 bta_dm_search_cb.p_search_cback(BTA_DM_DISC_BLE_RES_EVT, &result);
5097 /*******************************************************************************
5099 ** Function bta_dm_gatt_disc_complete
5101 ** Description This function process the GATT service search complete.
5105 *******************************************************************************/
5106 static void bta_dm_gatt_disc_complete(UINT16 conn_id, tBTA_GATT_STATUS status)
5110 APPL_TRACE_DEBUG1("bta_dm_gatt_disc_complete conn_id = %d",conn_id);
5112 if (bta_dm_search_cb.uuid_to_search > 0) bta_dm_search_cb.uuid_to_search --;
5114 if (status == BTA_GATT_OK && bta_dm_search_cb.uuid_to_search > 0)
5116 btm_dm_start_disc_gatt_services(conn_id);
5120 bta_dm_search_cb.uuid_to_search = 0;
5122 /* no more services to be discovered */
5123 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
5125 p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT;
5126 p_msg->disc_result.result.disc_res.result = (status == BTA_GATT_OK) ? BTA_SUCCESS :BTA_FAILURE;
5127 p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found;
5128 p_msg->disc_result.result.disc_res.num_uuids = 0;
5129 p_msg->disc_result.result.disc_res.p_uuid_list = NULL;
5130 bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
5131 BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME),
5132 bta_dm_get_remname(), (BD_NAME_LEN-1));
5134 /* make sure the string is terminated */
5135 p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0;
5137 p_msg->disc_result.result.disc_res.device_type = BT_DEVICE_TYPE_BLE;
5138 if ( bta_dm_search_cb.ble_raw_used > 0 )
5140 p_msg->disc_result.result.disc_res.p_raw_data = GKI_getbuf(bta_dm_search_cb.ble_raw_used);
5142 memcpy( p_msg->disc_result.result.disc_res.p_raw_data,
5143 bta_dm_search_cb.p_ble_rawdata,
5144 bta_dm_search_cb.ble_raw_used );
5146 p_msg->disc_result.result.disc_res.raw_data_size = bta_dm_search_cb.ble_raw_used;
5150 p_msg->disc_result.result.disc_res.p_raw_data = NULL;
5151 bta_dm_search_cb.p_ble_rawdata = 0;
5154 bta_sys_sendmsg(p_msg);
5156 if (conn_id != BTA_GATT_INVALID_CONN_ID)
5158 if (BTA_DM_GATT_CLOSE_DELAY_TOUT != 0)
5160 bta_sys_start_timer(&bta_dm_search_cb.gatt_close_timer, BTA_DM_DISC_CLOSE_TOUT_EVT,
5161 BTA_DM_GATT_CLOSE_DELAY_TOUT);
5165 BTA_GATTC_Close(conn_id);
5166 bta_dm_search_cb.conn_id = BTA_GATT_INVALID_CONN_ID;
5170 bta_dm_search_cb.gatt_disc_active = FALSE;
5174 /*******************************************************************************
5176 ** Function bta_dm_close_gatt_conn
5178 ** Description This function close the GATT connection after delay timeout.
5182 *******************************************************************************/
5183 void bta_dm_close_gatt_conn(tBTA_DM_MSG *p_data)
5185 if (bta_dm_search_cb.conn_id != BTA_GATT_INVALID_CONN_ID)
5186 BTA_GATTC_Close(bta_dm_search_cb.conn_id);
5188 bta_dm_search_cb.conn_id = BTA_GATT_INVALID_CONN_ID;
5191 /*******************************************************************************
5193 ** Function btm_dm_start_gatt_discovery
5195 ** Description This is GATT initiate the service search by open a GATT connection
5200 *******************************************************************************/
5201 void btm_dm_start_gatt_discovery (BD_ADDR bd_addr)
5203 bta_dm_search_cb.gatt_disc_active = TRUE;
5205 /* connection is already open */
5206 if (bdcmp(bta_dm_search_cb.pending_close_bda, bd_addr) == 0 &&
5207 bta_dm_search_cb.conn_id != BTA_GATT_INVALID_CONN_ID)
5209 memset(bta_dm_search_cb.pending_close_bda, 0, BD_ADDR_LEN);
5210 bta_sys_stop_timer(&bta_dm_search_cb.gatt_close_timer);
5211 btm_dm_start_disc_gatt_services(bta_dm_search_cb.conn_id);
5214 BTA_GATTC_Open(bta_dm_search_cb.client_if, bd_addr, TRUE);
5217 /*******************************************************************************
5219 ** Function bta_dm_cancel_gatt_discovery
5221 ** Description This is GATT cancel the GATT service search.
5225 *******************************************************************************/
5226 static void bta_dm_cancel_gatt_discovery(BD_ADDR bd_addr)
5228 if (bta_dm_search_cb.conn_id == BTA_GATT_INVALID_CONN_ID)
5230 BTA_GATTC_CancelOpen(bta_dm_search_cb.client_if, bd_addr, TRUE);
5233 bta_dm_gatt_disc_complete(bta_dm_search_cb.conn_id, (tBTA_GATT_STATUS) BTA_GATT_ERROR);
5236 /*******************************************************************************
5238 ** Function bta_dm_proc_open_evt
5240 ** Description process BTA_GATTC_OPEN_EVT in DM.
5244 *******************************************************************************/
5245 void bta_dm_proc_open_evt(tBTA_GATTC_OPEN *p_data)
5250 p1 = bta_dm_search_cb.peer_bdaddr;
5251 p2 = p_data->remote_bda;
5253 APPL_TRACE_DEBUG5("DM Search state= %d search_cb.peer_dbaddr: [%08x%04x] connected_bda= [%08x%04x] ",
5254 bta_dm_search_cb.state,
5255 ((p1[0])<<24)+((p1[1])<<16)+((p1[2])<<8)+(p1[3]),
5256 ((p1[4])<<8)+ p1[5],
5257 ((p2[0])<<24)+((p2[1])<<16)+((p2[2])<<8)+(p2[3]),
5258 ((p2[4])<<8)+ p2[5]);
5260 APPL_TRACE_DEBUG3("BTA_GATTC_OPEN_EVT conn_id = %d client_if=%d status = %d" ,
5265 bta_dm_search_cb.conn_id = p_data->conn_id;
5267 if (p_data->status == BTA_GATT_OK)
5269 btm_dm_start_disc_gatt_services(p_data->conn_id);
5273 bta_dm_gatt_disc_complete(BTA_GATT_INVALID_CONN_ID, p_data->status);
5277 /*******************************************************************************
5279 ** Function bta_dm_gattc_callback
5281 ** Description This is GATT client callback function used in DM.
5285 *******************************************************************************/
5286 static void bta_dm_gattc_callback(tBTA_GATTC_EVT event, tBTA_GATTC *p_data)
5288 APPL_TRACE_DEBUG1("bta_dm_gattc_callback event = %d", event);
5292 case BTA_GATTC_REG_EVT:
5293 APPL_TRACE_DEBUG1("BTA_GATTC_REG_EVT client_if = %d", p_data->reg_oper.client_if);
5294 if (p_data->reg_oper.status == BTA_GATT_OK)
5295 bta_dm_search_cb.client_if = p_data->reg_oper.client_if;
5297 bta_dm_search_cb.client_if = BTA_GATTS_INVALID_IF;
5300 case BTA_GATTC_OPEN_EVT:
5301 bta_dm_proc_open_evt(&p_data->open);
5304 case BTA_GATTC_SEARCH_RES_EVT:
5305 bta_dm_gatt_disc_result(p_data->srvc_res.service_uuid.id);
5308 case BTA_GATTC_SEARCH_CMPL_EVT:
5309 if ( bta_dm_search_cb.state != BTA_DM_SEARCH_IDLE)
5310 bta_dm_gatt_disc_complete(p_data->search_cmpl.conn_id, p_data->search_cmpl.status);
5313 case BTA_GATTC_CLOSE_EVT:
5314 APPL_TRACE_DEBUG1("BTA_GATTC_CLOSE_EVT reason = %d", p_data->close.reason);
5315 /* in case of disconnect before search is completed */
5316 if ( (bta_dm_search_cb.state != BTA_DM_SEARCH_IDLE) &&
5317 !memcmp(p_data->close.remote_bda, bta_dm_search_cb.peer_bdaddr, BD_ADDR_LEN))
5319 bta_dm_gatt_disc_complete((UINT16)BTA_GATT_INVALID_CONN_ID, (tBTA_GATT_STATUS) BTA_GATT_ERROR);
5328 #endif /* BTA_GATT_INCLUDED */
5329 #endif /* BLE_INCLUDED */
OSDN Git Service
